Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gogglesmm-0.12.7/src/GMTrackList.cpp
Examining data/gogglesmm-0.12.7/src/GMThread.h
Examining data/gogglesmm-0.12.7/src/GMPlayer.h
Examining data/gogglesmm-0.12.7/src/ap_xml_parser.cpp
Examining data/gogglesmm-0.12.7/src/GMPlayListSource.h
Examining data/gogglesmm-0.12.7/src/GMImageView.h
Examining data/gogglesmm-0.12.7/src/gmutils.cpp
Examining data/gogglesmm-0.12.7/src/GMQuery.h
Examining data/gogglesmm-0.12.7/src/GMFetch.h
Examining data/gogglesmm-0.12.7/src/GMClipboard.cpp
Examining data/gogglesmm-0.12.7/src/GMAudioScrobbler.h
Examining data/gogglesmm-0.12.7/src/GMDatabaseSource.cpp
Examining data/gogglesmm-0.12.7/src/main.cpp
Examining data/gogglesmm-0.12.7/src/GMPreferencesDialog.h
Examining data/gogglesmm-0.12.7/src/GMRemote.h
Examining data/gogglesmm-0.12.7/src/GMPlayerManager.cpp
Examining data/gogglesmm-0.12.7/src/GMImportDialog.h
Examining data/gogglesmm-0.12.7/src/GMTrayIcon.h
Examining data/gogglesmm-0.12.7/src/GMIconTheme.h
Examining data/gogglesmm-0.12.7/src/GMMediaPlayerService.cpp
Examining data/gogglesmm-0.12.7/src/GMRemote.cpp
Examining data/gogglesmm-0.12.7/src/GMFilename.cpp
Examining data/gogglesmm-0.12.7/src/GMAutoPtr.h
Examining data/gogglesmm-0.12.7/src/GMApp.h
Examining data/gogglesmm-0.12.7/src/ap_http.cpp
Examining data/gogglesmm-0.12.7/src/GMList.h
Examining data/gogglesmm-0.12.7/src/GMDatabase.cpp
Examining data/gogglesmm-0.12.7/src/gmutils.h
Examining data/gogglesmm-0.12.7/src/GMStreamSource.cpp
Examining data/gogglesmm-0.12.7/src/GMSource.h
Examining data/gogglesmm-0.12.7/src/GMFontDialog.h
Examining data/gogglesmm-0.12.7/src/GMSourceView.h
Examining data/gogglesmm-0.12.7/src/GMQuery.cpp
Examining data/gogglesmm-0.12.7/src/GMURL.cpp
Examining data/gogglesmm-0.12.7/src/GMDatabaseSource.h
Examining data/gogglesmm-0.12.7/src/GMNotifyDaemon.cpp
Examining data/gogglesmm-0.12.7/src/GMTaskManager.cpp
Examining data/gogglesmm-0.12.7/src/GMDBus.cpp
Examining data/gogglesmm-0.12.7/src/GMPreferences.h
Examining data/gogglesmm-0.12.7/src/GMPreferencesDialog.cpp
Examining data/gogglesmm-0.12.7/src/GMTaskManager.h
Examining data/gogglesmm-0.12.7/src/GMColumnDialog.cpp
Examining data/gogglesmm-0.12.7/src/GMTrackItem.cpp
Examining data/gogglesmm-0.12.7/src/fxext.cpp
Examining data/gogglesmm-0.12.7/src/GMCoverCache.cpp
Examining data/gogglesmm-0.12.7/src/GMAnimImage.cpp
Examining data/gogglesmm-0.12.7/src/gmdefs.h
Examining data/gogglesmm-0.12.7/src/ap_buffer.cpp
Examining data/gogglesmm-0.12.7/src/GMSettingsDaemon.cpp
Examining data/gogglesmm-0.12.7/src/GMSearch.h
Examining data/gogglesmm-0.12.7/src/GMTrackView.cpp
Examining data/gogglesmm-0.12.7/src/GMURL.h
Examining data/gogglesmm-0.12.7/src/GMDatabase.h
Examining data/gogglesmm-0.12.7/src/GMTrayIcon.cpp
Examining data/gogglesmm-0.12.7/src/GMEQDialog.h
Examining data/gogglesmm-0.12.7/src/GMMessageChannel.h
Examining data/gogglesmm-0.12.7/src/GMTrackDatabase.cpp
Examining data/gogglesmm-0.12.7/src/GMTrackList.h
Examining data/gogglesmm-0.12.7/src/GMTrackDatabase.h
Examining data/gogglesmm-0.12.7/src/GMFilename.h
Examining data/gogglesmm-0.12.7/src/ap_buffer.h
Examining data/gogglesmm-0.12.7/src/ap_xml_parser.h
Examining data/gogglesmm-0.12.7/src/GMAbout.cpp
Examining data/gogglesmm-0.12.7/src/GMList.cpp
Examining data/gogglesmm-0.12.7/src/GMTag.h
Examining data/gogglesmm-0.12.7/src/GMThread.cpp
Examining data/gogglesmm-0.12.7/src/GMApp.cpp
Examining data/gogglesmm-0.12.7/src/GMSourceView.cpp
Examining data/gogglesmm-0.12.7/src/GMImageView.cpp
Examining data/gogglesmm-0.12.7/src/GMColumnDialog.h
Examining data/gogglesmm-0.12.7/src/md5.cpp
Examining data/gogglesmm-0.12.7/src/GMNotifyDaemon.h
Examining data/gogglesmm-0.12.7/src/GMMediaPlayerService.h
Examining data/gogglesmm-0.12.7/src/GMPlayer.cpp
Examining data/gogglesmm-0.12.7/src/GMPreferences.cpp
Examining data/gogglesmm-0.12.7/src/GMPlayListSource.cpp
Examining data/gogglesmm-0.12.7/src/GMStreamSource.h
Examining data/gogglesmm-0.12.7/src/GMWindow.cpp
Examining data/gogglesmm-0.12.7/src/fxext.h
Examining data/gogglesmm-0.12.7/src/GMPlayerManager.h
Examining data/gogglesmm-0.12.7/src/GMImportDialog.cpp
Examining data/gogglesmm-0.12.7/src/GMEQDialog.cpp
Examining data/gogglesmm-0.12.7/src/GMFontDialog.cpp
Examining data/gogglesmm-0.12.7/src/md5.h
Examining data/gogglesmm-0.12.7/src/GMTag.cpp
Examining data/gogglesmm-0.12.7/src/ap_http.h
Examining data/gogglesmm-0.12.7/src/GMWindow.h
Examining data/gogglesmm-0.12.7/src/GMIconTheme.cpp
Examining data/gogglesmm-0.12.7/src/GMClipboard.h
Examining data/gogglesmm-0.12.7/src/GMTrackView.h
Examining data/gogglesmm-0.12.7/src/GMCoverCache.h
Examining data/gogglesmm-0.12.7/src/GMAudioScrobbler.cpp
Examining data/gogglesmm-0.12.7/src/GMSettingsDaemon.h
Examining data/gogglesmm-0.12.7/src/GMSearch.cpp
Examining data/gogglesmm-0.12.7/src/GMSource.cpp
Examining data/gogglesmm-0.12.7/src/GMTrackItem.h
Examining data/gogglesmm-0.12.7/src/GMAnimImage.h
Examining data/gogglesmm-0.12.7/src/GMMessageChannel.cpp
Examining data/gogglesmm-0.12.7/src/GMDBus.h
Examining data/gogglesmm-0.12.7/src/GMFetch.cpp
Examining data/gogglesmm-0.12.7/src/GMAbout.h

FINAL RESULTS:

data/gogglesmm-0.12.7/src/GMIconTheme.cpp:501:15:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
          if (system(GMStringFormat("rsvg-convert --format=png --width=%d --height=%d -o %s %s\n",size,size,target.text(),path.text()).text())==0){
data/gogglesmm-0.12.7/src/gmutils.cpp:445:7:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      execlp("/bin/sh", "sh", "-c",exec.text(),(char *)0);
data/gogglesmm-0.12.7/src/GMApp.cpp:235:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[40];
data/gogglesmm-0.12.7/src/GMAudioScrobbler.cpp:672:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (store.open(filename,FXStreamLoad)){
data/gogglesmm-0.12.7/src/GMAudioScrobbler.cpp:693:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (store.open(filename,FXStreamSave)){
data/gogglesmm-0.12.7/src/GMCoverCache.cpp:66:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buffer,b,len);
data/gogglesmm-0.12.7/src/GMCoverCache.cpp:179:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst,src,sw);
data/gogglesmm-0.12.7/src/GMCoverCache.cpp:376:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (store.open(getCacheFile(),FXStreamSave)){
data/gogglesmm-0.12.7/src/GMCoverCache.cpp:391:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (store.open(getCacheFile(),FXStreamLoad)) {
data/gogglesmm-0.12.7/src/GMDBus.cpp:344:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
FXbool GMDBus::open(DBusBusType bustype/*=DBUS_BUS_SESSION*/){
data/gogglesmm-0.12.7/src/GMDBus.h:69:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FXbool open(DBusBusType bustype=DBUS_BUS_SESSION);
data/gogglesmm-0.12.7/src/GMDatabase.cpp:29:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
FXbool GMDatabase::open(const FXString & filename){
data/gogglesmm-0.12.7/src/GMDatabase.h:34:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FXbool open(const FXString & filename);
data/gogglesmm-0.12.7/src/GMIconTheme.cpp:75:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (store.open(GMApp::getCacheDirectory(true)+CACHE_FILE_NAME,FXStreamSave)) {
data/gogglesmm-0.12.7/src/GMIconTheme.cpp:121:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (store.open(GMApp::getCacheDirectory()+PATHSEPSTRING+"icontheme.cache",FXStreamLoad)) {
data/gogglesmm-0.12.7/src/GMIconTheme.cpp:400:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if(store.open(filename,FXStreamLoad,65536)){
data/gogglesmm-0.12.7/src/GMIconTheme.cpp:430:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if(store.open(filename,FXStreamLoad,65536)){
data/gogglesmm-0.12.7/src/GMPlayer.cpp:393:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
FXbool GMPlayer::open(const FXString & mrl_in){
data/gogglesmm-0.12.7/src/GMPlayer.h:175:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FXbool open(const FXString & mrl);
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:193:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        p->open(mrl);
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:363:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      open(cmd);
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:475:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (fifo.open(fifofilename,FXIO::WriteOnly|FXIO::NonBlocking)){
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:508:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fifo.open(fifofilename,FXIO::Reading|FXIO::WriteOnly,FXIO::OwnerWrite);
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:643:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (!sessionbus->open(DBUS_BUS_SESSION) || !sessionbus->connected()) {
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:682:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (!systembus->open(DBUS_BUS_SYSTEM) || !systembus->connected()) {
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:780:5:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    open(url);
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:954:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (!player->open(filename)){
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:1009:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!player->open(list[i])){
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:1042:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
void GMPlayerManager::open(const FXString & uri) {
data/gogglesmm-0.12.7/src/GMPlayerManager.cpp:1628:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[256];
data/gogglesmm-0.12.7/src/GMPlayerManager.h:210:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  void open(const FXString & mrl);
data/gogglesmm-0.12.7/src/GMSearch.cpp:61:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FXbool open();
data/gogglesmm-0.12.7/src/GMSearch.cpp:124:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
FXbool GMDatabaseThread::open() {
data/gogglesmm-0.12.7/src/GMSearch.cpp:222:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (!open()) return -1;
data/gogglesmm-0.12.7/src/GMSearch.cpp:380:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (!open()) return 1;
data/gogglesmm-0.12.7/src/GMTag.cpp:865:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (io.open(mrl,FXIO::Reading)) {
data/gogglesmm-0.12.7/src/GMTag.cpp:888:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (io.open(mrl,FXIO::Reading)) {
data/gogglesmm-0.12.7/src/GMTag.cpp:981:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buffer,tbuf.data(),len);
data/gogglesmm-0.12.7/src/GMTrackDatabase.cpp:189:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (!db.open(database))
data/gogglesmm-0.12.7/src/GMTrackDatabase.cpp:2752:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE * fp = fopen(filename.text(),"w");
data/gogglesmm-0.12.7/src/GMWindow.cpp:1240:34:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    GMPlayerManager::instance()->open(filename);
data/gogglesmm-0.12.7/src/ap_buffer.cpp:131:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(wrptr,b,nbytes);
data/gogglesmm-0.12.7/src/ap_buffer.cpp:146:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(b,rdptr,nbytes);
data/gogglesmm-0.12.7/src/ap_buffer.cpp:154:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(b,rdptr,nbytes);
data/gogglesmm-0.12.7/src/gmutils.cpp:490:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    store.open(FXStreamLoad,size,(FXuchar*)data);
data/gogglesmm-0.12.7/src/gmutils.cpp:492:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    store.open(FXStreamLoad,(FXuchar*)data,size);
data/gogglesmm-0.12.7/src/md5.cpp:169:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(xbuf, data, 64);
data/gogglesmm-0.12.7/src/md5.cpp:343:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(pms->buf + offset, p, copy);
data/gogglesmm-0.12.7/src/md5.cpp:357:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(pms->buf, p, left);
data/gogglesmm-0.12.7/src/GMFontDialog.cpp:187:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(selected.face,familylist->getItemText(selindex).text(),sizeof(selected.face));
data/gogglesmm-0.12.7/src/GMFontDialog.cpp:338:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(selected.face,familylist->getItemText((FXint)(FXival)ptr).text(),sizeof(selected.face));
data/gogglesmm-0.12.7/src/GMMessageChannel.cpp:116:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if(::read(h[0],&pkg,sizeof(FXMessage))==sizeof(FXMessage)){
data/gogglesmm-0.12.7/src/GMMessageChannel.cpp:117:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if(0<pkg.size && (::read(h[0],pkg.data,pkg.size)==pkg.size)){
data/gogglesmm-0.12.7/src/GMPreferencesDialog.cpp:1209:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(fontdescription.face,font->getActualName().text(),sizeof(fontdescription.face));
data/gogglesmm-0.12.7/src/ap_buffer.cpp:143:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
FXival MemoryBuffer::read(void * b, FXival nbytes) {
data/gogglesmm-0.12.7/src/ap_buffer.h:48:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  FXival read(void * bytes,FXival nbytes);
data/gogglesmm-0.12.7/src/ap_http.cpp:76:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
FXival HttpResponse::read(FXchar*ptr,FXival nbytes) {
data/gogglesmm-0.12.7/src/ap_http.cpp:80:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      FXival n = buffer.read(ptr,nbytes);
data/gogglesmm-0.12.7/src/ap_http.cpp:205:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(clrf,2)!=2 || clrf[0]!='\r' || clrf[1]!='\n') {
data/gogglesmm-0.12.7/src/ap_http.cpp:253:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    FXival n = read(&body[0],content_length);
data/gogglesmm-0.12.7/src/ap_http.cpp:263:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      n = read(&body[pos],BLOCK);
data/gogglesmm-0.12.7/src/ap_http.cpp:288:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if (read(&body[body.length()-chunksize],chunksize)<chunksize)
data/gogglesmm-0.12.7/src/ap_http.cpp:324:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    FXival n = read(body,content_length);
data/gogglesmm-0.12.7/src/ap_http.cpp:340:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      n = read(body+len,BLOCK);
data/gogglesmm-0.12.7/src/ap_http.cpp:368:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if (read(body+size-chunksize,chunksize)<chunksize)
data/gogglesmm-0.12.7/src/ap_http.cpp:400:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    FXival n = read(data,FXMIN(content_length,len));
data/gogglesmm-0.12.7/src/ap_http.cpp:405:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    return read((FXchar*)ptr,len);
data/gogglesmm-0.12.7/src/ap_http.cpp:437:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    FXival n = read(data+nbytes,FXMIN(len,chunk_remaining));
data/gogglesmm-0.12.7/src/ap_http.cpp:793:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    nread=::read(device,data,count);
data/gogglesmm-0.12.7/src/ap_http.h:128:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    FXival read(FXchar*ptr,FXival nbytes);

ANALYSIS SUMMARY:

Hits = 70
Lines analyzed = 40800 in approximately 3.46 seconds (11788 lines/second)
Physical Source Lines of Code (SLOC) = 29604
Hits@level = [0]  26 [1]  21 [2]  47 [3]   0 [4]   2 [5]   0
Hits@level+ = [0+]  96 [1+]  70 [2+]  49 [3+]   2 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 3.24281 [1+] 2.36455 [2+] 1.65518 [3+] 0.0675584 [4+] 0.0675584 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.