Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/about.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/article_netmgr.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/articleinspector.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/articleview.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/articlewebview.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/atomic_rename.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/audiolink.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/audioplayerfactory.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/belarusiantranslit.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/bgl_babylon.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/broken_xrecord.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/chinese.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/chineseconversion.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/chunkedstorage.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/config.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/country.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/decompress.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/delegate.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dictheadwords.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dictinfo.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dictionary.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dictionarybar.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dictserver.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/dsl_details.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/editdictionaries.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/epwing.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/epwing_charmap.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/externalaudioplayer.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/externalviewer.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/extlineedit.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/favoritespanewidget.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/ffmpegaudio.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/file.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/filetype.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/fixx11h.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/folding.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/forvo.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/fsencoding.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/ftshelpers.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/fulltextsearch.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/gdappstyle.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/gddebug.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/generators/generate.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/german.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/gestures.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/greektranslit.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/groupcombobox.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/groups.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/groups_widgets.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/guids.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/helpwindow.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/history.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/historypanewidget.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/hotkeyedit.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/hotkeys.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/hotkeys.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/hotkeywrapper.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/htmlescape.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/hunspell.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/iconv.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/indexedzip.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/initializing.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/instances.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/keyboardstate.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/langcoder.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/language.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/lionsupport.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/loaddictionaries.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/main.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mainstatusbar.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/maintabwidget.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mdictparser.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mediawiki.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/GDDataTranfer.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/GetWord.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/GetWord.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/GetWordByIAccEx.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/GetWordByIAccEx.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/HookImportFunction.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/HookImportFunction.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/IAccEx.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/IAccExInt.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutSpy.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutSpy.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/ThTypes.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/ThTypes.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/guids.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/x64hooks.c
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mruqmenu.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/multimediaaudioplayer.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/mutex.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/nsis/gen_uninstall/gen_uninstall.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/orderandprops.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/parsecmdline.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/preferences.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/processwrapper.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/programs.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/examples/console/main.cpp
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/examples/loader/main.cpp
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/examples/trivial/main.cpp
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlocalpeer.cpp
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlocalpeer.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlockedfile.cpp
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlockedfile.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlockedfile_unix.cpp
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlockedfile_win.cpp
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtsingleapplication.cpp
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtsingleapplication.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtsinglecoreapplication.cpp
Examining data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtsinglecoreapplication.h
Examining data/goldendict-1.5.0~rc2+git20200409+ds/ripemd.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/romaji.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/russiantranslit.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/scanflag.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/scanpopup.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/sounddir.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/sources.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/speechclient_win.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/speechhlp.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/splitfile.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/stylescombobox.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/termination.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/texttospeechsource.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/tiff.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/translatebox.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/transliteration.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/treeview.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/ufile.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/utf8.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/voiceengines.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/webmultimediadownload.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/website.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/wildcard.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/wordbyauto.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/wordfinder.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/wordlist.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/wstring.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/wstring_qt.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/x64.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/xdxf2html.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/zipfile.cc
Examining data/goldendict-1.5.0~rc2+git20200409+ds/zipsounds.cc

FINAL RESULTS:

data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:301:25:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
        if ( !indexFile.gets( buf, sizeof( buf ), true ) )
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:525:23:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
      if ( !indexFile.gets( buf, sizeof( buf ), true ) )
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:679:27:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
          if ( !indexFile.gets( buf, sizeof( buf ), true ) )
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:204:15:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
char * Class::gets( char * s, int size, bool stripNl )
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:232:20:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
std::string Class::gets( bool stripNl ) THROW_SPEC( exReadError, exWriteError )
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:236:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  if ( !gets( buf, sizeof( buf ), stripNl ) )
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1618:28:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  if ( QString::fromUtf8(f.gets().c_str()) != "StarDict's dict ifo file" ||
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1619:10:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
       f.gets().compare( 0, versionEq.size(), versionEq ) )
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1630:15:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
      if ( !f.gets( option, sizeof( option ), true ) )
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:962:16:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
            ss.sprintf( " (%i/%i)", qFromBigEndian( dictHeader.volume ), volumes );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:170:4:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   vfprintf( stderr, format, ap );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:200:4:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   vfprintf( stderr, format, ap );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:239:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf( stderr, format, ap );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:602:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
     strcpy( h->errorString, dz_error_str( DZ_ERR_NOMEMORY ) );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:643:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy( h->errorString, dz_error_str( DZ_ERR_READFILE ) );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:667:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	   sprintf( h->errorString, "Cannot initialize inflation engine: %s", h->zStream.msg );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:723:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	      strcpy( h->errorString, dz_error_str( DZ_ERR_NOMEMORY ) );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:751:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy( h->errorString, dz_error_str( DZ_ERR_READFILE ) );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:765:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	      sprintf( h->errorString, "inflate: %s\n", h->zStream.msg );
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:1233:54:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            gdLang = LangCoder::code2toInt( QLocale::system().name().left( 2 ).toLatin1().data() );
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1736:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    str.sprintf( "<R%i>", refOpenCount );
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1750:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  str.sprintf( "</R%i>", refCloseCount );
data/goldendict-1.5.0~rc2+git20200409+ds/gddebug.cc:26:29:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  qWarning( "%s", QString().vsprintf( msg, ap ).toUtf8().data() );
data/goldendict-1.5.0~rc2+git20200409+ds/gddebug.cc:51:27:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  qDebug( "%s", QString().vsprintf( msg, ap ).toUtf8().data() );
data/goldendict-1.5.0~rc2+git20200409+ds/helpwindow.cc:98:27:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    localeName = QLocale::system().name();
data/goldendict-1.5.0~rc2+git20200409+ds/main.cc:351:33:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  QString localeName = QLocale::system().name();
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/GetWord.c:120:8:  [4] (buffer) lstrcpynW:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
							lstrcpynW(params->Buffer, Buf + BegPos, WordLen+1);
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:586:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(P->MatchedWord, p);
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/x64hooks.c:180:3:  [4] (buffer) lstrcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer.
		lstrcpy( libName, dir );
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/x64hooks.c:186:3:  [4] (buffer) lstrcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer.
		lstrcpy( GlobalData->LibName, dir );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:944:14:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        name.sprintf( "%04X%04X%04X.gif", entry.itemIndex, entry.binIndex, texCount );
data/goldendict-1.5.0~rc2+git20200409+ds/main.cc:219:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char * xdg_envc = getenv("XDG_SESSION_TYPE");
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:4385:30:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
          explorerLaunched = CreateProcess(0, (wchar_t*) param.utf16(),
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:4385:30:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
          explorerLaunched = CreateProcess(0, (wchar_t*) param.utf16(),
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover.cc:142:12:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
  spyDll = LoadLibrary( QDir::toNativeSeparators( QDir( QCoreApplication::applicationDirPath() ).filePath( "GdTextOutSpy64.dll" ) ).toStdWString().c_str() );
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover.cc:144:12:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
  spyDll = LoadLibrary( QDir::toNativeSeparators( QDir( QCoreApplication::applicationDirPath() ).filePath( "GdTextOutSpy.dll" ) ).toStdWString().c_str() );
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:151:2:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory
  situations. Use InitializeCriticalSectionAndSpinCount instead.
	EnterCriticalSection(&hookCS);
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:609:4:  [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use
  InitializeCriticalSectionAndSpinCount instead.
			InitializeCriticalSection(&hookCS);
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/x64hooks.c:194:12:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
		spyDll = LoadLibrary( libName );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char signature[4];
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char checksum[40];
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:67:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char uuid[16];
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:73:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char indexItemFormat[4];
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:74:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keyLengthFormat[2];
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:75:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char articleLengthFormat[2];
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:836:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/about.cc:18:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( !versionFile.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/about.cc:43:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( creditsFile.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:57:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    builtInCssFile.open( QFile::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:72:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      builtInCssFile.open( QFile::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:85:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( cssFile.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:102:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if( addonCss.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:130:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    builtInCssFile.open( QFile::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:142:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( cssFile.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:160:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if( addonCss.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:344:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &( r->getData().front() ), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:402:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &( r->getData().front() ), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:416:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &( r->getData().front() ), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:432:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &( r->getData().front() ), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:487:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &data.front(), header.data(), header.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:727:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &data.front() + offset, head.data(), head.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:797:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front() + offset, footer.data(), footer.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:869:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &data.front() + offset, footer.data(), footer.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/article_maker.cc:1072:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &data.front() + offset, str.data(), str.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/article_netmgr.cc:198:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( data, buffer.data(), size );
data/goldendict-1.5.0~rc2+git20200409+ds/article_netmgr.cc:421:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      buf.open( QBuffer::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/article_netmgr.cc:455:24:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                buffer.open(QIODevice::WriteOnly);
data/goldendict-1.5.0~rc2+git20200409+ds/article_netmgr.cc:460:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy( &( ico->getData().front() ), bytes.data(), bytes.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/articleview.cc:386:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    buf.open( QIODevice::WriteOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/articleview.cc:2039:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if ( !tmp.open() || (size_t) tmp.write( &data.front(), data.size() ) != data.size() )
data/goldendict-1.5.0~rc2+git20200409+ds/articleview.cc:2994:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          if ( file.open( QFile::WriteOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:943:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:1256:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( !b.open() )
data/goldendict-1.5.0~rc2+git20200409+ds/bgl_babylon.cc:68:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
bool Babylon::open()
data/goldendict-1.5.0~rc2+git20200409+ds/bgl_babylon.cc:71:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[6];
data/goldendict-1.5.0~rc2+git20200409+ds/bgl_babylon.cc:171:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[4];
data/goldendict-1.5.0~rc2+git20200409+ds/bgl_babylon.cc:278:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( &icon.front(), &(block.data[ 2 ]), icon.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:771:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy( &chainSize, ptr, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:792:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &chainSize, ptr, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:881:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &chainSize, ptr, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:897:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &articleOffset, ptr, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:991:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( ptr, chain[ y ].word.c_str(), chain[ y ].word.size() + 1 );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:994:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( ptr, chain[ y ].prefix.c_str(), chain[ y ].prefix.size() + 1 );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:997:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( ptr, &(chain[ y ].articleOffset), sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:1003:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( saveSizeHere, &size, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:1026:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &uncompressedData.front() + sizeof( uint32_t ) + x * sizeof( uint32_t ), &offset, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:1033:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &uncompressedData.front() + prevSize, nextIndex->first.c_str(),
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:1044:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &uncompressedData.front() + sizeof( uint32_t ) +
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:1054:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char workMem[ LZO1X_1_MEM_COMPRESS ];
data/goldendict-1.5.0~rc2+git20200409+ds/chunkedstorage.cc:21:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char zero[ 4096 ];
data/goldendict-1.5.0~rc2+git20200409+ds/chunkedstorage.cc:55:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &buffer.front() + bufferUsed, data, size );
data/goldendict-1.5.0~rc2+git20200409+ds/config.cc:420:5:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    wchar_t buf[ MAX_PATH ];
data/goldendict-1.5.0~rc2+git20200409+ds/config.cc:479:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( !configFile.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/config.cc:1204:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( !configFile.open( QFile::WriteOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/decompress.cc:14:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[CHUNK_SIZE];
data/goldendict-1.5.0~rc2+git20200409+ds/decompress.cc:51:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[CHUNK_SIZE];
data/goldendict-1.5.0~rc2+git20200409+ds/decompress.cc:88:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[CHUNK_SIZE];
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:288:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[ 16384 ];
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:460:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &(ret->getData().front()), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:520:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[ 16384 ];
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:673:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[ 16384 ];
data/goldendict-1.5.0~rc2+git20200409+ds/dictheadwords.cc:311:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( !file.open( QFile::WriteOnly | QIODevice::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/dictionary.cc:130:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( buffer, &data[ offset ], size );
data/goldendict-1.5.0~rc2+git20200409+ds/dictserver.cc:938:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), articleData.data(), articleData.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:266:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char          buffer[BUFFERSIZE];
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:491:6:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
     wchar_t wname[16384];
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:501:10:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
     if( MultiByteToWideChar( CP_UTF8, 0, filename, -1, wname, 16384 ) == 0 )
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:589:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char          outBuffer[OUT_BUFFER_SIZE];
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:626:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy( h->errorString, "Cannot seek on pure gzip format files" );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:734:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf( h->errorString, "h->chunks[%d] = %d >= %ld (OUT_BUFFER_SIZE)\n",
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:776:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      sprintf( h->errorString, "inflate did not flush (%d pending, %d avail)\n",
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:791:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	       memcpy( pt, inBuffer + firstOffset, lastOffset-firstOffset);
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:801:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		 sprintf( h->errorString, "Length = %d instead of %d\n",
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:806:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	       memcpy( pt, inBuffer + firstOffset,
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:811:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy( pt, inBuffer, lastOffset );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:815:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy( pt, inBuffer, h->chunkLength );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:823:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy( h->errorString, "Cannot read unknown file type" );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.h:93:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char          errorString[512];
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:431:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &total, abrvBlock, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:439:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy( &keySz, abrvBlock, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:447:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy( &valueSz, abrvBlock, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:1214:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if( !annFile.open( QFile::ReadOnly | QFile::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:1772:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &data.front() + data.size() - articleText.size(),
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:1938:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        buffer.open( QIODevice::WriteOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:1945:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &data.front(), buffer.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/dsl_details.cc:825:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char firstBytes[ 2 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing.cc:649:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/epwing.cc:764:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( f.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/epwing.cc:772:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), buffer.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:176:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[ 2 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:210:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[2];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:230:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[2];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:550:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( f.open( QFile::ReadOnly | QFile::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:620:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[ EB_MAX_PATH_LENGTH + 1 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:644:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[ EB_MAX_TITLE_LENGTH + 1 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:699:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[ TextBufferSize + 1 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:752:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[ TextBufferSize + 1 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:972:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[ TextBufferSize + 1 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1071:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[ TextBufferSize + 1 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1210:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[ TextBufferSize + 1 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1311:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( f.open( QFile::WriteOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1394:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( f.open( QFile::WriteOnly | QFile::Truncate ) )
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1470:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( f.open( QFile::WriteOnly | QFile::Truncate ) )
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1509:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char file[ EB_MAX_PATH_LENGTH + 1 ];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1544:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( f.open( QFile::WriteOnly | QFile::Truncate ) )
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1627:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bitmap[EB_SIZE_NARROW_FONT_16];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1637:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buff[EB_SIZE_NARROW_FONT_16_PNG];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1648:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( f.open( QFile::WriteOnly | QFile::Truncate ) )
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1697:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bitmap[EB_SIZE_WIDE_FONT_16];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1707:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[EB_SIZE_WIDE_FONT_16_PNG];
data/goldendict-1.5.0~rc2+git20200409+ds/epwing_book.cc:1717:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( f.open( QFile::WriteOnly | QFile::Truncate ) )
data/goldendict-1.5.0~rc2+git20200409+ds/externalviewer.cc:19:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( !tempFile.open() || tempFile.write( data, size ) != size )
data/goldendict-1.5.0~rc2+git20200409+ds/favoritespanewidget.cc:627:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( !favoritesFile.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/favoritespanewidget.cc:668:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( !tmpFile.open( QFile::WriteOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/ffmpegaudio.cc:41:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[64];
data/goldendict-1.5.0~rc2+git20200409+ds/ffmpegaudio.cc:490:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &samples.front(), frame->data[0], lineSize );
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:72:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  wchar_t wname[16384];
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:73:3:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  MultiByteToWideChar( CP_UTF8, 0, filename, -1, wname, 16384 );
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:83:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
void Class::open( char const * filename, char const * mode ) THROW_SPEC( exCantOpen )
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:109:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( !f.open( openMode ) )
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:116:3:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  open( filename, mode );
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:122:3:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  open( filename.c_str(), mode );
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:177:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( writeBuffer + ( WriteBufferSize - writeBufferLeft ),
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:189:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( writeBuffer, (char const *)buf + toAdd, size );
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:234:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[ 1024 ];
data/goldendict-1.5.0~rc2+git20200409+ds/forvo.cc:334:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( &data.front() + prevSize, articleBody.data(), articleBody.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/ftshelpers.cc:827:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &size, linksPtr, sizeof(uint32_t) );
data/goldendict-1.5.0~rc2+git20200409+ds/ftshelpers.cc:926:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &size, linksPtr, sizeof(uint32_t) );
data/goldendict-1.5.0~rc2+git20200409+ds/ftshelpers.cc:975:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy( &size, linksPtr, sizeof(uint32_t) );
data/goldendict-1.5.0~rc2+git20200409+ds/ftshelpers.cc:1065:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &size, linksPtr, sizeof(uint32_t) );
data/goldendict-1.5.0~rc2+git20200409+ds/ftshelpers.cc:1210:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), &foundHeadwords, sizeof( foundHeadwords ) );
data/goldendict-1.5.0~rc2+git20200409+ds/generators/generate.cc:75:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE * inf = fopen( "CaseFolding.txt", "r" );
data/goldendict-1.5.0~rc2+git20200409+ds/generators/generate.cc:84:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[ 4096 ];
data/goldendict-1.5.0~rc2+git20200409+ds/generators/generate.cc:175:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE * outf = fopen( "../inc_case_folding.hh", "w" );
data/goldendict-1.5.0~rc2+git20200409+ds/generators/generate.cc:222:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE * inf = fopen( "DiacriticFolding.txt", "r" );
data/goldendict-1.5.0~rc2+git20200409+ds/generators/generate.cc:231:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[ 4096 ];
data/goldendict-1.5.0~rc2+git20200409+ds/generators/generate.cc:290:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE * outf = fopen( "../inc_diacritic_folding.hh", "w" );
data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char readBuffer[ 65536 ];
data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc:161:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char firstBytes[ 2 ];
data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc:1294:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc:1456:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        buffer.open( QIODevice::WriteOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc:1463:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &data.front(), buffer.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc:1535:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), bytes.constData(), bytes.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/history.cc:24:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( !file.open( QFile::ReadOnly | QIODevice::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/history.cc:129:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( !file.open( QFile::WriteOnly | QIODevice::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/hunspell.cc:340:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/indexedzip.cc:21:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  zipIsOpen = zip.open( QFile::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/langcoder.cc:261:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char code[ 2 ];
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:319:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &(ret->getData().front()), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:383:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char riff[ 4 ]; // RIFF
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:385:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char waveAndFmt[ 8 ]; // WAVEfmt%20
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:393:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char data[ 4 ]; // data
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:454:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( wh->riff, "RIFF", 4 );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:457:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( wh->waveAndFmt, "WAVEfmt ", 8 );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:465:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( wh->data, "data", 4 );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:546:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[ 9 ];
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:612:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[ 4 ];
data/goldendict-1.5.0~rc2+git20200409+ds/main.cc:267:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( errFile.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/main.cc:393:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    logFilePtr->open( QFile::ReadWrite );
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:1117:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  builtInCssFile.open( QFile::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:1122:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  macCssFile.open( QFile::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:1130:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    builtInCssFile.open( QFile::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:1137:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( cssFile.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:1145:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( addonCss.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:2797:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( cssFile.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:3496:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( !file.open( QIODevice::WriteOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:3912:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( !file.open( QFile::WriteOnly | QIODevice::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:3976:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( !file.open( QFile::ReadOnly | QIODevice::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:4047:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( !file.open( QFile::WriteOnly | QIODevice::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:4088:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( !file.open( QFile::WriteOnly | QIODevice::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mainwindow.cc:4139:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( !file.open( QFile::ReadOnly | QIODevice::Text ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mdictparser.cc:121:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
bool MdictParser::open( const char * filename )
data/goldendict-1.5.0~rc2+git20200409+ds/mdictparser.cc:131:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( !file_->open( QIODevice::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mdictparser.cc:193:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[CHUNK_SIZE];
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:130:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  bool open( const char * fileName )
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:133:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    isFileOpen = mddFile.open( QFile::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:184:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &result.front(), decompressed.constData() + indexEntry.recordOffset, indexEntry.recordSize );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:322:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  dictFile.open( QIODevice::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:459:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        mdd->open( dictFiles[ i ].c_str() );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:844:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const char pattern[16] =
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:930:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &data.front(), bytes.constData(), bytes.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:1451:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if ( !parser.open( i->c_str() ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:1463:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          if ( !mddParser->open( mddIter->c_str() ) )
data/goldendict-1.5.0~rc2+git20200409+ds/mediawiki.cc:593:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( &data.front() + prevSize, articleBody.data(), articleBody.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/GetWord.c:191:3:  [2] (buffer) CopyMemory:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		CopyMemory(CParams.MatchedWordW, TP->Buffer, WordSize * sizeof(wchar_t));
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:45:20:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
				TP->BeginPos = MultiByteToWideChar(CP_ACP, 0, TP->MatchedWordA, BeginPos, TP->MatchedWordW, BufSize);
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:54:19:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
				TP->WordLen = MultiByteToWideChar(CP_ACP, 0, TP->MatchedWordA + BeginPos, TP->WordLen - BeginPos, TP->MatchedWordW + TP->BeginPos, BufSize);
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:130:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				char buf[256];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:155:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buffer[256];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:157:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buffer2[256];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:283:4:  [2] (buffer) CopyMemory:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			CopyMemory(CurParams->MatchedWordA, Str + Shift, CurParams->WordLen);
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:356:4:  [2] (buffer) CopyMemory:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			CopyMemory(CurParams->MatchedWordW, Str + Shift, CurParams->WordLen * sizeof(wchar_t));
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:576:2:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	TCHAR wClassName[64];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.h:19:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char MatchedWordA[256];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.h:20:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t MatchedWordW[256];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutSpy.c:174:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				char className[64];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutSpy.c:192:1:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
TCHAR wClassName[64];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/ThTypes.h:22:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char MatchedWord[256];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/ThTypes.h:47:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char MatchedWord[256];
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/x64hooks.c:151:1:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
TCHAR dir[MAX_PATH], libName[MAX_PATH], *pch;
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/x64hooks.c:182:3:  [2] (buffer) lstrcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Risk is low because the source is a constant string.
		lstrcat( libName, _T("GdTextOutSpy64.dll") );
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/x64hooks.c:187:3:  [2] (buffer) lstrcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Risk is low because the source is a constant string.
		lstrcat( GlobalData->LibName, _T("GdTextOutHook64.dll") );
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/x64hooks.c:191:3:  [2] (buffer) lstrcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Risk is low because the source is a constant string.
		lstrcat( libName, _T("GdTextOutSpy.dll") );
data/goldendict-1.5.0~rc2+git20200409+ds/multimediaaudioplayer.cc:23:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( !audioBuffer.open( QIODevice::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/processwrapper.cc:55:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char szProcessName[MAX_PATH] = "<unknown>";
data/goldendict-1.5.0~rc2+git20200409+ds/processwrapper.cc:120:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if (f.open(QIODevice::ReadOnly)) {
data/goldendict-1.5.0~rc2+git20200409+ds/programs.cc:108:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &(ret->getData().front()), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/programs.cc:318:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( data.data(), result.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/examples/loader/main.cpp:96:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (file.open(QIODevice::ReadOnly))
data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlocalpeer.cpp:108:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    lockFile.open(QIODevice::ReadWrite);
data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlockedfile.cpp:123:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
bool QtLockedFile::open(OpenMode mode)
data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlockedfile.cpp:129:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    return QFile::open(mode);
data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlockedfile.h:76:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    bool open(OpenMode mode);
data/goldendict-1.5.0~rc2+git20200409+ds/ripemd.cc:161:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &buffer[j], data, ( i = 64 - j ) );
data/goldendict-1.5.0~rc2+git20200409+ds/ripemd.cc:171:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &buffer[j], &data[i], len - i );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char signature[4];
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inputLang[3];
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:66:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char outputLang[3];
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:668:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:96:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char SLOB_MAGIC[ 8 ] = { 0x21, 0x2d, 0x31, 0x53, 0x4c, 0x4f, 0x42, 0x1f };
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:132:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char uuid[ 16 ];
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:203:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  void open( const QString & name );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:268:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
void SlobFile::open( const QString & name )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:287:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( !file.open( QFile::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:290:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char magic[ 8 ];
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:675:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      sf.open( FsEncoding::decode( dictionaryFiles[ 0 ].c_str() ) );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:1525:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:1630:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), bytes.constData(), bytes.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:1654:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        buffer.open( QIODevice::WriteOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:1661:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &data.front(), buffer.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:1668:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), resource.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:1727:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          sf.open( firstName );
data/goldendict-1.5.0~rc2+git20200409+ds/sounddir.cc:287:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &(ret->getData().front()), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/splitfile.cc:49:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
bool SplitFile::open( QFile::OpenMode mode )
data/goldendict-1.5.0~rc2+git20200409+ds/splitfile.cc:52:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( !(*i)->open( mode ) )
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:335:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &offset, articleData, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:337:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &size, articleData, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1063:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy( &entrySize, ptr, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1123:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &entrySize, ptr + 1, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1579:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1626:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char option[ 16384 ];
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1826:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        buffer.open( QIODevice::WriteOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1833:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &data.front(), buffer.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1905:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), bytes.constData(), bytes.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:2037:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &articleOffset, ptr, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:2039:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &articleSize, ptr, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:2061:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &offsetInIndex, ptr, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/termination.cc:146:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( file.open() )
data/goldendict-1.5.0~rc2+git20200409+ds/tiff.cc:84:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  buf.open( QIODevice::ReadOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/ufile.cc:12:5:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    wchar_t wname[16384], wmode[32];
data/goldendict-1.5.0~rc2+git20200409+ds/ufile.cc:14:9:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    if( MultiByteToWideChar( CP_UTF8, 0, filename, -1, wname, 16384 ) == 0 )
data/goldendict-1.5.0~rc2+git20200409+ds/ufile.cc:16:9:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    if( MultiByteToWideChar( CP_UTF8, 0, mode, -1, wmode, 32 ) == 0 )
data/goldendict-1.5.0~rc2+git20200409+ds/ufile.cc:23:5:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    wchar_t wname[16384];
data/goldendict-1.5.0~rc2+git20200409+ds/ufile.cc:25:9:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    if( MultiByteToWideChar( CP_UTF8, 0, filename, -1, wname, 16384 ) == 0 )
data/goldendict-1.5.0~rc2+git20200409+ds/voiceengines.cc:109:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &( ret->getData().front() ), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/website.cc:415:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &data.front() + prevSize, articleBody.data(), articleBody.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/website.cc:509:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &( dr->getData().front() ), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/website.cc:608:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &data.front() + prevSize, cssData.data(), cssData.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:250:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &total, abrvBlock, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:256:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &keySz, abrvBlock, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:264:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &valueSz, abrvBlock, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:614:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:656:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &articleOffset, propertiesData + 1, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:657:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &articleSize, propertiesData + 5, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:1117:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        buffer.open( QIODevice::WriteOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:1124:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &data.front(), buffer.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:1215:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( !gzFile.open( QIODevice::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:180:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  bool open();
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:263:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
bool ZimFile::open()
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:265:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( !SplitFile::open( QIODevice::ReadOnly ) )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:382:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( cache[ target ].data, decompressedData.c_str(), size );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:619:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    df.open();
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1347:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &data.front(), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1452:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), bytes.constData(), bytes.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1476:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        buffer.open( QIODevice::WriteOnly );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1483:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &data.front(), buffer.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1490:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( &data.front(), resource.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1555:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          df.open();
data/goldendict-1.5.0~rc2+git20200409+ds/zipsounds.cc:262:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &sz, nameBlock, sizeof( uint16_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/zipsounds.cc:308:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &sz, nameBlock, sizeof( uint16_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/zipsounds.cc:340:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( &(ret->getData().front()), result.data(), result.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/zipsounds.cc:366:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &sz, nameBlock, sizeof( uint16_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/zipsounds.cc:372:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &dataOffset, nameBlock, sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:309:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:316:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    vector< char > dName( idx.read< quint32 >() );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:319:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        idx.read( &dName.front(), dName.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:454:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        df.read( &size, sizeof(size) );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:463:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        df.read( &articleBody.front(), articleSize );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:570:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        df.read( &dictHeader, sizeof(dictHeader) );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:573:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        df.read( &data.front(), size );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:901:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          df.read( &dictHeader, sizeof(dictHeader) );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:922:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          df.read( &data.front(), size );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:1003:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              df.read( &el64, sizeof(el64) );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:1012:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              df.read( &el, sizeof(el) );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:1020:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            df.read( &sizeBE, sizeof(sizeBE) );
data/goldendict-1.5.0~rc2+git20200409+ds/aard.cc:1024:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            df.read( &data.front(), wordSize );
data/goldendict-1.5.0~rc2+git20200409+ds/article_netmgr.cc:190:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    baseReply->read( data.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:283:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:290:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    size_t len = idx.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:296:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      idx.read( &nameBuf.front(), len );
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:1055:34:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    vector< char > nameData( idx.read< uint32_t >() );
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:1056:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idx.read( &nameData.front(), nameData.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:1061:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    uint32_t offset = idx.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:1071:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      data.resize( idx.read< uint32_t >() );
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:1073:51:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      vector< unsigned char > compressedData( idx.read< uint32_t >() );
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:1075:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      idx.read( &compressedData.front(), compressedData.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/bgl.cc:1261:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if ( !b.read( sourceCharset, targetCharset ) )
data/goldendict-1.5.0~rc2+git20200409+ds/bgl_babylon.cc:98:34:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      for(int j=0;j < i - 6;j++) fgetc( f );
data/goldendict-1.5.0~rc2+git20200409+ds/bgl_babylon.cc:189:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
bool Babylon::read(std::string &source_charset, std::string &target_charset)
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:421:38:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            nextLeaf = dict.idxFile->read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:503:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  uint32_t uncompressedSize = idxFile->read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:504:38:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  uint32_t compressedSize = idxFile->read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:512:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxFile->read( &compressedData.front(), compressedData.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:581:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        nextLeaf = idxFile->read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:637:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t wordSize = strlen( closestString );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:694:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      char const * right = closestString + strlen( closestString ) + 1;
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:710:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           next += strlen( next ) + 1, ++entry ) ;
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:746:63:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      nextLeaf = ( currentNodeOffset != rootOffset ? idxFile->read< uint32_t >() : 0 );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:795:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t wordSize = strlen( ptr );
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:859:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                nextLeaf = idxFile->read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:1328:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      nextLeaf = idxFile->read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:1399:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        nextLeaf = idxFile->read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:1454:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      nextLeaf = idxFile->read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/btreeidx.cc:1515:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        nextLeaf = idxFile->read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/chunkedstorage.cc:121:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  uint32_t size =  file.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/chunkedstorage.cc:125:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  file.read( &offsets.front(), offsets.size() * sizeof( uint32_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/chunkedstorage.cc:139:38:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    uint32_t uncompressedSize = file.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/chunkedstorage.cc:140:36:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    uint32_t compressedSize = file.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/chunkedstorage.cc:146:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    file.read( &compressedData.front(), compressedData.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:157:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() )
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:163:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  vector< char > dName( idx.read< uint32_t >() );
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:166:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idx.read( &dName.front(), dName.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/dictdfiles.cc:702:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                indexedWords.addWord( Utf8::decode( string( tab3 + 1, strlen ( tab3 + 1 ) ) ), curOffset );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:287:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   id1                  = getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:288:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   id2                  = getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:310:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->method       = getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:311:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->flags        = getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:312:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->mtime        = getc( str ) <<  0;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:313:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->mtime       |= getc( str ) <<  8;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:314:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->mtime       |= getc( str ) << 16;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:315:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->mtime       |= getc( str ) << 24;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:316:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->extraFlags   = getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:317:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->os           = getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:320:30:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      extraLength          = getc( str ) << 0;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:321:30:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      extraLength         |= getc( str ) << 8;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:323:30:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      si1                  = getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:324:30:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      si2                  = getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:327:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 subLength            = getc( str ) << 0;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:328:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 subLength           |= getc( str ) << 8;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:329:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 header->version      = getc( str ) << 0;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:330:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 header->version     |= getc( str ) << 8;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:341:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 header->chunkLength  = getc( str ) << 0;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:342:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 header->chunkLength |= getc( str ) << 8;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:343:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 header->chunkCount   = getc( str ) << 0;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:344:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 header->chunkCount  |= getc( str ) << 8;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:357:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    header->chunks[i]  = getc( str ) << 0;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:358:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    header->chunks[i] |= getc( str ) << 8;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:368:19:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      while ((c = getc( str )) && c != EOF){
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:384:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      header->headerLength += strlen( buffer ) + 1;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:391:19:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      while ((c = getc( str )) && c != EOF){
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:407:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      header->headerLength += strlen( buffer ) + 1;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:413:7:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:414:7:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      getc( str );
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:430:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->crc     = getc( str ) <<  0;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:431:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->crc    |= getc( str ) <<  8;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:432:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->crc    |= getc( str ) << 16;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:433:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->crc    |= getc( str ) << 24;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:434:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->length  = getc( str ) <<  0;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:435:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->length |= getc( str ) <<  8;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:436:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->length |= getc( str ) << 16;
data/goldendict-1.5.0~rc2+git20200409+ds/dictzip.c:437:22:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   header->length |= getc( str ) << 24;
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:293:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:312:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  vector< char > dName( idx.read< uint32_t >() );
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:315:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idx.read( &dName.front(), dName.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:319:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  vector< char > sName( idx.read< uint32_t >() );
data/goldendict-1.5.0~rc2+git20200409+ds/dsl.cc:322:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idx.read( &sName.front(), sName.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/epwing.cc:202:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/epwing.cc:209:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idx.read( &data.front(), idxHeader.nameSize );
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:65:5:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  f.read( &data.front(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:125:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
void Class::read( void * buf, qint64 size ) THROW_SPEC( exReadError, exWriteError )
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:133:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  qint64 result = f.read( reinterpret_cast<char *>( buf ), size );
data/goldendict-1.5.0~rc2+git20200409+ds/file.cc:144:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  qint64 result = f.read( reinterpret_cast<char *>( buf ), size * count );
data/goldendict-1.5.0~rc2+git20200409+ds/ftshelpers.cc:1180:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        ftsIdxHeader = ftsIdx.read< FtsIdxHeader >();
data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc:534:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc:551:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  vector< char > dName( idx.read< uint32_t >() );
data/goldendict-1.5.0~rc2+git20200409+ds/gls.cc:554:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idx.read( &dName.front(), dName.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/hunspell.cc:815:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t inLeft = strlen( str );
data/goldendict-1.5.0~rc2+git20200409+ds/indexedzip.cc:74:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      return (size_t) zip.read( &data.front(), data.size() ) == data.size();
data/goldendict-1.5.0~rc2+git20200409+ds/indexedzip.cc:82:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      QByteArray compressedData = zip.read( header.compressedSize );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:108:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  for( ; ; ++read )
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:110:35:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ( filenameBuffer.size() <= read )
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:113:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    f.read( &filenameBuffer[ read ], 2 );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:113:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    f.read( &filenameBuffer[ read ], 2 );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:115:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ( filenameBuffer[ read ] == 0xD )
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:117:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if ( f.read< uint16_t >() != 0xA )
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:127:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( uint8_t x = f.read< uint8_t >() )
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:133:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( f.read< uint8_t >() != 0xFF )
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:141:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    samplesOffset  = f.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:143:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ( f.read< uint8_t >() != 0xFF )
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:150:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  samplesLength = f.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:153:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        read * sizeof( uint16_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:207:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() )
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:333:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  static size_t read( void * ptr, size_t size, size_t nmemb, void * datasource );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:340:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
size_t ShiftedVorbis::read( void * ptr, size_t size, size_t nmemb,
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:345:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return sv->f.read( reinterpret_cast<char *>( ptr ), size * nmemb );
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:375:58:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
ov_callbacks ShiftedVorbis::callbacks = { ShiftedVorbis::read,
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:583:35:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        uint32_t entriesCount = f.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/lsa.cc:614:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        f.read( buf, sizeof( buf ) );
data/goldendict-1.5.0~rc2+git20200409+ds/main.cc:57:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  QByteArray msg = QByteArray::fromRawData( msg_, strlen( msg_ ) );
data/goldendict-1.5.0~rc2+git20200409+ds/mdictparser.cc:354:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  QByteArray headerTextUtf16 = file_->read( headerTextSize );
data/goldendict-1.5.0~rc2+git20200409+ds/mdictparser.cc:436:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  QByteArray header = file_->read( version_ >= 2.0 ? ( numberTypeSize_ * 5 )
data/goldendict-1.5.0~rc2+git20200409+ds/mdictparser.cc:468:41:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  QByteArray headWordBlockInfo = file_->read( headWordBlockInfoSize_ );
data/goldendict-1.5.0~rc2+git20200409+ds/mdictparser.cc:602:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      int headWordLength = strlen( p );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:298:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:304:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  size_t len = idx.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:308:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idx.read( &buf.front(), len );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:313:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  len = idx.read< uint32_t >();
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:317:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idx.read( &buf.front(), len );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:413:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        qint32 key = idx.read< qint32 >();
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:417:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        sz = idx.read< quint32 >();
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:419:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        idx.read( &buf.front(), sz );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:422:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        sz = idx.read< quint32 >();
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:424:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        idx.read( &buf.front(), sz );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:439:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        quint32 sz = idx.read< quint32 >();
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:441:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        idx.read( &buf.front(), sz );
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:442:41:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        uint32_t btreeMaxElements = idx.read<uint32_t>();
data/goldendict-1.5.0~rc2+git20200409+ds/mdx.cc:443:35:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        uint32_t rootOffset = idx.read<uint32_t>();
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover.cc:258:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                    strlen( Global_Data->CurMod.MatchedWord ),
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutHook.c:585:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		P->WordLen = strlen(p);
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutSpy.c:84:6:  [1] (buffer) lstrcpyn:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
					lstrcpyn( GlobalData32->CurMod.MatchedWord, GlobalData->CurMod.MatchedWord, sizeof( GlobalData32->CurMod.MatchedWord ) );
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutSpy.c:110:5:  [1] (buffer) lstrcpyn:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				lstrcpyn( GlobalData32->CurMod.MatchedWord, GlobalData->CurMod.MatchedWord, sizeof( GlobalData32->CurMod.MatchedWord ) );
data/goldendict-1.5.0~rc2+git20200409+ds/mouseover_win32/TextOutSpy.c:126:5:  [1] (buffer) lstrcpyn:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				lstrcpyn( GlobalData32->CurMod.MatchedWord, GlobalData->CurMod.MatchedWord, sizeof( GlobalData32->CurMod.MatchedWord ) );
data/goldendict-1.5.0~rc2+git20200409+ds/qtsingleapplication/src/qtlocalpeer.cpp:167:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            res &= (socket.read(qstrlen(ack)) == ack);
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:207:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:214:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    vector< char > dName( idx.read< uint32_t >() );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:217:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      idx.read( &dName.front(), dName.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:400:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      df.read( &articleSize, sizeof(articleSize) );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:402:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      df.read( &articleBody.front(), articleSize );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:710:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    df.read( &size, sizeof( size ) );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:712:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    df.read( &data.front(), size );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:726:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    df.read( &size, sizeof( size ) );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:728:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    df.read( &data.front(), size );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:790:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          df.read( &dictHeader, sizeof(dictHeader) );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:802:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          df.read( &size, sizeof( size ) );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:804:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          df.read( &data.front(), size );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:841:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            df.read( &el, sizeof(el) );
data/goldendict-1.5.0~rc2+git20200409+ds/sdict.cc:848:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            df.read( &data.front(), size );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:219:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  QByteArray data = file.read( length );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:249:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if( file.read( ( char * )&len, sizeof( len ) ) != sizeof( len ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:260:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if( file.read( ( char * )&len, sizeof( len ) ) != sizeof( len ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:291:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( magic, sizeof( magic ) ) != sizeof( magic ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:297:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )uuid, sizeof( uuid ) ) != sizeof( uuid ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:359:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )&cnt, sizeof( cnt ) ) != sizeof( cnt ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:364:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )&tmp, sizeof( tmp ) ) != sizeof( tmp ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:368:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )&tmp, sizeof( tmp ) ) != sizeof( tmp ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:372:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )&cnt, sizeof( cnt ) ) != sizeof( cnt ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:381:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )&cnt, sizeof( cnt ) ) != sizeof( cnt ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:408:42:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( !file.seek( refsOffset ) || file.read( offsets.data(), size ) != size )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:434:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )&index, sizeof( index ) ) != sizeof( index ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:439:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )&binIndex, sizeof( binIndex ) ) != sizeof( binIndex ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:458:35:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( !file.seek( pos ) || file.read( ( char * )&tmp, sizeof( tmp ) ) != sizeof( tmp ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:480:35:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( !file.seek( pos ) || file.read( ( char * )&tmp, sizeof( tmp ) ) != sizeof( tmp ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:489:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )&bins_be, sizeof( bins_be ) ) != sizeof( bins_be ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:498:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( ( char * )ids.data(), bins ) != bins )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:513:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if( file.read( ( char * )&length_be, sizeof( length_be ) ) != sizeof( length_be ) )
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:517:42:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        QByteArray compressedData = file.read( length );
data/goldendict-1.5.0~rc2+git20200409+ds/slob.cc:669:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idxHeader( idx.read< IdxHeader >() )
data/goldendict-1.5.0~rc2+git20200409+ds/sounddir.cc:116:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/sounddir.cc:362:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    f.read( &data.front(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/splitfile.cc:78:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
qint64 SplitFile::read( char *data, qint64 maxSize )
data/goldendict-1.5.0~rc2+git20200409+ds/splitfile.cc:92:33:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    qint64 ret = files.at( i )->read( data + bytesReaded, maxSize );
data/goldendict-1.5.0~rc2+git20200409+ds/splitfile.cc:105:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
QByteArray SplitFile::read( qint64 maxSize )
data/goldendict-1.5.0~rc2+git20200409+ds/splitfile.cc:110:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  qint64 ret = read( data.data(), maxSize );
data/goldendict-1.5.0~rc2+git20200409+ds/splitfile.cc:121:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return read( c ? c : &ch, 1 ) == 1;
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:239:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:320:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idx.read( &data.front(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1034:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          entrySize = strlen( ptr );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1098:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t len = strlen( ptr + 1 );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:1603:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen( substr );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:2008:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t wordLen = strlen( ptr );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:2028:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy( (char *)word, unescapedWord.c_str(), wordLen );
data/goldendict-1.5.0~rc2+git20200409+ds/stardict.cc:2029:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      wordLen = strlen( word );
data/goldendict-1.5.0~rc2+git20200409+ds/tiff.cc:23:44:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return static_cast< QIODevice * >( fd )->read( static_cast< char * >( buf ), size );
data/goldendict-1.5.0~rc2+git20200409+ds/webmultimediadownload.cc:68:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    r->read( data.data(), data.size() );
data/goldendict-1.5.0~rc2+git20200409+ds/wstring.cc:11:46:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return Iconv::toWstring( "WCHAR_T", str, wcslen( str ) * sizeof( wchar_t ) );
data/goldendict-1.5.0~rc2+git20200409+ds/xdxf.cc:218:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:270:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if( read( reinterpret_cast< char * >( &zimHeader ), sizeof( zimHeader ) ) != sizeof( zimHeader ) )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:319:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if( read( reinterpret_cast< char * >( clusters ), sizeof(clusters) ) != sizeof(clusters) )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:340:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  QByteArray data = read( clusterSize );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:414:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( reinterpret_cast< char * >( &pos ), sizeof(pos) ) != sizeof(pos) )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:422:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( reinterpret_cast< char * >( &mimetype ), sizeof(mimetype) ) != sizeof(mimetype) )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:428:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if( file.read( reinterpret_cast< char * >( &redEntry ) + 2, sizeof(redEntry) - 2 ) != sizeof(redEntry) - 2 )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:438:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( reinterpret_cast< char * >( &artEntry ) + 2, sizeof(artEntry) - 2 ) != sizeof(artEntry) - 2 )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:459:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( reinterpret_cast< char * >( &pos ), sizeof(pos) ) != sizeof(pos) )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:467:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( reinterpret_cast< char * >( &mimetype ), sizeof(mimetype) ) != sizeof(mimetype) )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:473:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if( file.read( reinterpret_cast< char * >( &redEntry ) + 2, sizeof(redEntry) - 2 ) != sizeof(redEntry) - 2 )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:486:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if( file.read( reinterpret_cast< char * >( &artEntry ) + 2, sizeof(artEntry) - 2 ) != sizeof(artEntry) - 2 )
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:613:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    idxHeader( idx.read< IdxHeader >() ),
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1581:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          artEntries = df.read( (quint64)zh.articleCount * 8 );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1587:34:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            QByteArray data = df.read( (quint64)zh.clusterCount * 8 );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1602:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            df.read( reinterpret_cast< char * >( &mimetype ), sizeof(mimetype) );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1606:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              qint64 ret = df.read( reinterpret_cast< char * >( &redEntry ) + 2, sizeof(RedirectEntry) - 2 );
data/goldendict-1.5.0~rc2+git20200409+ds/zim.cc:1615:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
              qint64 ret = df.read( reinterpret_cast< char * >( &artEntry ) + 2, sizeof(ArticleEntry) - 2 );
data/goldendict-1.5.0~rc2+git20200409+ds/zipfile.cc:85:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  QByteArray eocBuffer = zip.read( maxEofBufferSize );
data/goldendict-1.5.0~rc2+git20200409+ds/zipfile.cc:120:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ( zip.read( (char *)&signature, sizeof( signature ) ) != sizeof( signature ) )
data/goldendict-1.5.0~rc2+git20200409+ds/zipfile.cc:136:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( zip.read( (char *)&record, sizeof( record ) ) != sizeof( record ) )
data/goldendict-1.5.0~rc2+git20200409+ds/zipfile.cc:145:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  entry.fileName = zip.read( fileNameLength );
data/goldendict-1.5.0~rc2+git20200409+ds/zipfile.cc:170:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( zip.read( (char *)&record, sizeof( record ) ) != sizeof( record ) )
data/goldendict-1.5.0~rc2+git20200409+ds/zipfile.cc:179:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  entry.fileName = zip.read( fileNameLength );
data/goldendict-1.5.0~rc2+git20200409+ds/zipsounds.cc:147:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  idxHeader( idx.read< IdxHeader >() )

ANALYSIS SUMMARY:

Hits = 550
Lines analyzed = 74497 in approximately 2.46 seconds (30295 lines/second)
Physical Source Lines of Code (SLOC) = 56535
Hits@level = [0]  74 [1] 227 [2] 284 [3]   8 [4]  22 [5]   9
Hits@level+ = [0+] 624 [1+] 550 [2+] 323 [3+]  39 [4+]  31 [5+]   9
Hits/KSLOC@level+ = [0+] 11.0374 [1+] 9.72849 [2+] 5.71327 [3+] 0.689838 [4+] 0.548333 [5+] 0.159193
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.