Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/preferences.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/io.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/unknowndictionary.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/morphology.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/libwaei.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/result.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/word.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/search.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/history-private.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/regex.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/dictionarylist.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/dictionary-private.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/history.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/edictionary.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/definitions.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/query.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/range.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/utilities.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/vocabulary.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/dictionarylist-private.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/dictionary-installer.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/dictionary-callbacks.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/kanjidictionary.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/dictionary.h
Examining data/gwaei-3.6.2/src/libwaei/include/libwaei/exampledictionary.h
Examining data/gwaei-3.6.2/src/libwaei/regex.c
Examining data/gwaei-3.6.2/src/libwaei/result.c
Examining data/gwaei-3.6.2/src/libwaei/unknowndictionary.c
Examining data/gwaei-3.6.2/src/libwaei/query.c
Examining data/gwaei-3.6.2/src/libwaei/preferences.c
Examining data/gwaei-3.6.2/src/libwaei/morphology.c
Examining data/gwaei-3.6.2/src/libwaei/vocabulary.c
Examining data/gwaei-3.6.2/src/libwaei/search.c
Examining data/gwaei-3.6.2/src/libwaei/word.c
Examining data/gwaei-3.6.2/src/libwaei/libwaei.c
Examining data/gwaei-3.6.2/src/libwaei/range.c
Examining data/gwaei-3.6.2/src/libwaei/history.c
Examining data/gwaei-3.6.2/src/libwaei/dictionary-installer.c
Examining data/gwaei-3.6.2/src/libwaei/kanjidictionary.c
Examining data/gwaei-3.6.2/src/libwaei/utilities.c
Examining data/gwaei-3.6.2/src/libwaei/edictionary.c
Examining data/gwaei-3.6.2/src/libwaei/io.c
Examining data/gwaei-3.6.2/src/libwaei/dictionarylist.c
Examining data/gwaei-3.6.2/src/libwaei/dictionary.c
Examining data/gwaei-3.6.2/src/libwaei/exampledictionary.c
Examining data/gwaei-3.6.2/src/libwaei/dictionary-callbacks.c
Examining data/gwaei-3.6.2/src/waei/include/waei/console-callbacks.h
Examining data/gwaei-3.6.2/src/waei/include/waei/search-data.h
Examining data/gwaei-3.6.2/src/waei/include/waei/console.h
Examining data/gwaei-3.6.2/src/waei/include/waei/console-output.h
Examining data/gwaei-3.6.2/src/waei/include/waei/waei.h
Examining data/gwaei-3.6.2/src/waei/include/waei/gettext.h
Examining data/gwaei-3.6.2/src/waei/include/waei/application.h
Examining data/gwaei-3.6.2/src/waei/include/waei/application-private.h
Examining data/gwaei-3.6.2/src/waei/waei.c
Examining data/gwaei-3.6.2/src/waei/console-output.c
Examining data/gwaei-3.6.2/src/waei/search-data.c
Examining data/gwaei-3.6.2/src/waei/application.c
Examining data/gwaei-3.6.2/src/waei/console.c
Examining data/gwaei-3.6.2/src/waei/console-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/kanjipadwindow.c
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/addvocabularywindow-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/texttagtable.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/search-data.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/vocabularywindow-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/spellcheck.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/flashcardwindow.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/radicalswindow.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/searchwindow.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/vocabularywindow-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/kanjipad-drawingarea.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/vocabularyliststore-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/spellcheck-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/flashcardstore-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/dictionaryinstallwindow-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/kanjipadwindow-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/history-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/gwaei.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/addvocabularywindow.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/installprogresswindow-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/installprogresswindow-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/searchwindow-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/vocabularywindow.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/window-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/dictionarylist-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/dictionarylist.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/spellcheck-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/window-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/printing.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/dictionaryinstallwindow-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/flashcardstore.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/radicalswindow-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/history.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/radicalswindow-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/application-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/settingswindow-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/dictionaryinstallwindow.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/vocabularywordstore-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/flashcardwindow-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/kanjipadwindow-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/texttagtable-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/vocabularyliststore.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/settingswindow.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/vocabularywordstore.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/application.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/pluginmanager.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/dictionarylist-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/application-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/searchwindow-output.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/kanjipad-candidatearea.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/kanjipadwindow.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/window.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/flashcardwindow-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/settingswindow-private.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/installprogresswindow.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/addvocabularywindow-callbacks.h
Examining data/gwaei-3.6.2/src/gwaei/include/gwaei/searchwindow-private.h
Examining data/gwaei-3.6.2/src/gwaei/searchwindow-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/settingswindow-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/addvocabularywindow.c
Examining data/gwaei-3.6.2/src/gwaei/radicalswindow-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/flashcardwindow.c
Examining data/gwaei-3.6.2/src/gwaei/installprogresswindow-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/application-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/texttagtable.c
Examining data/gwaei-3.6.2/src/gwaei/dictionaryinstallwindow-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/radicalswindow.c
Examining data/gwaei-3.6.2/src/gwaei/flashcardstore.c
Examining data/gwaei-3.6.2/src/gwaei/installprogresswindow.c
Examining data/gwaei-3.6.2/src/gwaei/settingswindow.c
Examining data/gwaei-3.6.2/src/gwaei/vocabularyliststore.c
Examining data/gwaei-3.6.2/src/gwaei/kanjipad-drawingarea.c
Examining data/gwaei-3.6.2/src/gwaei/kanjipad-candidatearea.c
Examining data/gwaei-3.6.2/src/gwaei/window.c
Examining data/gwaei-3.6.2/src/gwaei/search-data.c
Examining data/gwaei-3.6.2/src/gwaei/addvocabularywindow-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/application.c
Examining data/gwaei-3.6.2/src/gwaei/kanjipadwindow-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/vocabularywindow.c
Examining data/gwaei-3.6.2/src/gwaei/dictionarylist-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/history.c
Examining data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/dictionaryinstallwindow.c
Examining data/gwaei-3.6.2/src/gwaei/searchwindow.c
Examining data/gwaei-3.6.2/src/gwaei/vocabularywordstore.c
Examining data/gwaei-3.6.2/src/gwaei/vocabularywindow-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/spellcheck.c
Examining data/gwaei-3.6.2/src/gwaei/printing.c
Examining data/gwaei-3.6.2/src/gwaei/gwaei.c
Examining data/gwaei-3.6.2/src/gwaei/flashcardwindow-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/dictionarylist.c
Examining data/gwaei-3.6.2/src/gwaei/window-callbacks.c
Examining data/gwaei-3.6.2/src/gwaei/searchwindow-output.c
Examining data/gwaei-3.6.2/src/kpengine/kpengine.c
Examining data/gwaei-3.6.2/src/kpengine/jstroke/memowrite.h
Examining data/gwaei-3.6.2/src/kpengine/jstroke/jstroke.h
Examining data/gwaei-3.6.2/src/kpengine/jstroke/util.c
Examining data/gwaei-3.6.2/src/kpengine/jstroke/scoring.c
Examining data/gwaei-3.6.2/src/kpengine/jstroke/pilotcompat.h
Examining data/gwaei-3.6.2/src/kpengine/jstroke/jstrokerc.h
Examining data/gwaei-3.6.2/src/kpengine/jstroke/strokedata.h

FINAL RESULTS:

data/gwaei-3.6.2/src/gwaei/flashcardwindow.c:296:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(katakana, hiragana);
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:86:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (buffer + start_offset, replacement);
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:87:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat (buffer, query + end_offset);
data/gwaei-3.6.2/src/libwaei/query.c:358:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (buffer, TOKEN);
data/gwaei-3.6.2/src/libwaei/query.c:365:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (buffer, TOKEN);
data/gwaei-3.6.2/src/libwaei/utilities.c:410:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(input, output);
data/gwaei-3.6.2/src/libwaei/utilities.c:1187:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy(buffer_ptr, delimitor);
data/gwaei-3.6.2/src/libwaei/utilities.c:1252:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy(buffer_ptr, delimitor);
data/gwaei-3.6.2/src/libwaei/utilities.c:1317:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(ptr, argv[i]);
data/gwaei-3.6.2/src/libwaei/utilities.c:1494:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
					strcpy(target_ptr, DELIMITOR);
data/gwaei-3.6.2/src/libwaei/utilities.c:1551:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy(target_ptr, DELIMITOR);
data/gwaei-3.6.2/src/libwaei/utilities.c:1615:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy(target_ptr, DELIMITOR);
data/gwaei-3.6.2/src/libwaei/vocabulary.c:66:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(buffer, name);
data/gwaei-3.6.2/src/waei/console.c:353:7:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      printf(message_total, total_results);
data/gwaei-3.6.2/src/waei/console.c:358:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        printf(message_relevant, total_relevant_results);
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:281:12:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    GRand *random;
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:293:9:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    if (random != NULL)
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:297:20:  [3] (random) g_rand_int_range:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        position = g_rand_int_range (random, 0, children);
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:297:38:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        position = g_rand_int_range (random, 0, children);
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:312:20:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
      g_rand_free (random); random = NULL;
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:333:12:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    GRand *random;
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:345:11:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
      if (random != NULL)
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:349:22:  [3] (random) g_rand_int_range:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
          position = g_rand_int_range (random, 0, children);
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:349:40:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
          position = g_rand_int_range (random, 0, children);
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:358:22:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        g_rand_free (random); random = NULL;
data/gwaei-3.6.2/src/gwaei/vocabularywindow-callbacks.c:593:69:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
    gtk_file_chooser_set_current_folder (GTK_FILE_CHOOSER (dialog), g_get_home_dir ());
data/gwaei-3.6.2/src/gwaei/dictionarylist.c:239:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    if (index < 10) sprintf (shortcutname, "Alt-%d", index);
data/gwaei-3.6.2/src/gwaei/dictionarylist.c:240:23:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    if (index < 1000) sprintf (ordernumber, "%d", index);
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:210:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg_ctxt_id[msgctxt_len + msgid_len];
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:212:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1024];
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:220:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id, msgctxt, msgctxt_len - 1);
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:222:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id + msgctxt_len, msgid, msgid_len);
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:256:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg_ctxt_id[msgctxt_len + msgid_len];
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:258:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1024];
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:266:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id, msgctxt, msgctxt_len - 1);
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:268:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id + msgctxt_len, msgid, msgid_len);
data/gwaei-3.6.2/src/gwaei/include/gwaei/kanjipadwindow-private.h:17:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char kselected[2];
data/gwaei-3.6.2/src/gwaei/include/gwaei/kanjipadwindow-private.h:18:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char kanji_candidates[GW_KANJIPADWINDOW_MAX_GUESSES][2];
data/gwaei-3.6.2/src/gwaei/include/gwaei/radicalswindow-private.h:11:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cache[300 * 4];
data/gwaei-3.6.2/src/gwaei/kanjipad-drawingarea.c:93:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[16];
data/gwaei-3.6.2/src/gwaei/kanjipad-drawingarea.c:105:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf (buffer, "%d", index);
data/gwaei-3.6.2/src/gwaei/kanjipadwindow.c:239:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *argv[2];
data/gwaei-3.6.2/src/gwaei/settingswindow-callbacks.c:380:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char font[50];
data/gwaei-3.6.2/src/gwaei/settingswindow-callbacks.c:530:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hex_color_string[20];
data/gwaei-3.6.2/src/kpengine/jstroke/pilotcompat.h:49:25:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
#define StrIToA(str, n) sprintf((str),"%ld",(long)(n))
data/gwaei-3.6.2/src/kpengine/jstroke/pilotcompat.h:50:25:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
#define StrIToH(str, n) sprintf((str),"%lx",(long)(n))
data/gwaei-3.6.2/src/kpengine/jstroke/scoring.c:212:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char         buf[10];
data/gwaei-3.6.2/src/kpengine/jstroke/scoring.c:499:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char    cArg[2];
data/gwaei-3.6.2/src/kpengine/kpengine.c:29:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char *stroke_dicts[MAX_STROKES];
data/gwaei-3.6.2/src/kpengine/kpengine.c:41:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      file = fopen (data_file, "rb");
data/gwaei-3.6.2/src/kpengine/kpengine.c:53:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      file = fopen (fname, "rb");
data/gwaei-3.6.2/src/kpengine/kpengine.c:195:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	      unsigned char c[2];
data/gwaei-3.6.2/src/libwaei/dictionary.c:344:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      file = fopen (path, "r");
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:210:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg_ctxt_id[msgctxt_len + msgid_len];
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:212:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1024];
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:220:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id, msgctxt, msgctxt_len - 1);
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:222:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id + msgctxt_len, msgid, msgid_len);
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:256:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg_ctxt_id[msgctxt_len + msgid_len];
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:258:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1024];
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:266:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id, msgctxt, msgctxt_len - 1);
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:268:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id + msgctxt_len, msgid, msgid_len);
data/gwaei-3.6.2/src/libwaei/io.c:110:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen(_savepath, mode);
data/gwaei-3.6.2/src/libwaei/io.c:169:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    readfd = fopen (SOURCE_PATH, "rb");
data/gwaei-3.6.2/src/libwaei/io.c:170:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    writefd = fopen (TARGET_PATH, "wb");
data/gwaei-3.6.2/src/libwaei/io.c:313:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    outfile = fopen(TARGET_PATH, "wb");
data/gwaei-3.6.2/src/libwaei/io.c:385:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[MAX];
data/gwaei-3.6.2/src/libwaei/io.c:390:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    infd = fopen(SOURCE_PATH, "rb");
data/gwaei-3.6.2/src/libwaei/io.c:391:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    outfd = fopen(TARGET_PATH, "wb");
data/gwaei-3.6.2/src/libwaei/io.c:442:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char radicals_input[LW_IO_MAX_FGETS_LINE];
data/gwaei-3.6.2/src/libwaei/io.c:443:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char kanji_input[LW_IO_MAX_FGETS_LINE];
data/gwaei-3.6.2/src/libwaei/io.c:444:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char output[LW_IO_MAX_FGETS_LINE * 2];
data/gwaei-3.6.2/src/libwaei/io.c:453:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    kanji_file =  fopen(KANJI_DICTIONARY_PATH, "r");
data/gwaei-3.6.2/src/libwaei/io.c:454:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    radicals_file = fopen(RADICALS_DICTIONARY_PATH, "r");
data/gwaei-3.6.2/src/libwaei/io.c:455:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    output_file = fopen(OUTPUT_PATH, "w");
data/gwaei-3.6.2/src/libwaei/io.c:581:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[LW_IO_MAX_FGETS_LINE];
data/gwaei-3.6.2/src/libwaei/io.c:599:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inputf = fopen(INPUT_NAMES_PLACES_PATH, "r");
data/gwaei-3.6.2/src/libwaei/io.c:605:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    placesf = fopen(OUTPUT_PLACES_PATH, "w");
data/gwaei-3.6.2/src/libwaei/io.c:609:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    namesf = fopen(OUTPUT_NAMES_PATH, "w");
data/gwaei-3.6.2/src/libwaei/io.c:668:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[MAX];
data/gwaei-3.6.2/src/libwaei/io.c:678:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      target = fopen(TARGET_PATH, "wb");
data/gwaei-3.6.2/src/libwaei/io.c:733:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[MAX_CHUNK];
data/gwaei-3.6.2/src/libwaei/io.c:738:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen(URI, "rb");
data/gwaei-3.6.2/src/libwaei/io.c:763:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[MAX_CHUNK];
data/gwaei-3.6.2/src/libwaei/io.c:782:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen(in->uri, "rb");
data/gwaei-3.6.2/src/libwaei/io.c:832:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[MAX_CHUNK];
data/gwaei-3.6.2/src/libwaei/io.c:847:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen(out->uri, "wb");
data/gwaei-3.6.2/src/libwaei/io.c:913:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen (URI, "r");
data/gwaei-3.6.2/src/libwaei/utilities.c:383:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char output[strlen(input) + 1];
data/gwaei-3.6.2/src/libwaei/utilities.c:635:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "きゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:637:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "きゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:639:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "きょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:653:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ぎゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:655:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ぎゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:657:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ぎょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:672:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "しゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:674:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "しゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:676:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "しょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:691:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "じゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:694:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "じゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:697:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "じょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:712:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ちゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:714:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ちゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:716:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ちょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:730:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ぢゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:732:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ぢゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:734:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ぢょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:749:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "にゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:751:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "にゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:753:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "にょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:768:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ひゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:770:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ひゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:772:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ひょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:786:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "びゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:788:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "びゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:790:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "びょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:804:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ぴゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:806:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ぴゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:808:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ぴょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:823:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "みゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:825:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "みゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:827:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "みょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:850:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "りゃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:852:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "りゅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:854:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "りょ");
data/gwaei-3.6.2/src/libwaei/utilities.c:860:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "うぃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:862:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "うぇ");
data/gwaei-3.6.2/src/libwaei/utilities.c:867:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "う゛ぁ");
data/gwaei-3.6.2/src/libwaei/utilities.c:869:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "う゛ぃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:871:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "う゛ぇ");
data/gwaei-3.6.2/src/libwaei/utilities.c:873:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "う゛ぉ");
data/gwaei-3.6.2/src/libwaei/utilities.c:889:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ふぁ");
data/gwaei-3.6.2/src/libwaei/utilities.c:891:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ふぃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:893:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ふぇ");
data/gwaei-3.6.2/src/libwaei/utilities.c:895:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(output, "ふぉ");
data/gwaei-3.6.2/src/libwaei/vocabulary.c:129:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      stream = fopen (uri, "r");
data/gwaei-3.6.2/src/libwaei/vocabulary.c:171:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      stream = fopen (uri, "w");
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:210:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg_ctxt_id[msgctxt_len + msgid_len];
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:212:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1024];
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:220:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id, msgctxt, msgctxt_len - 1);
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:222:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id + msgctxt_len, msgid, msgid_len);
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:256:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg_ctxt_id[msgctxt_len + msgid_len];
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:258:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1024];
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:266:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id, msgctxt, msgctxt_len - 1);
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:268:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (msg_ctxt_id + msgctxt_len, msgid, msgid_len);
data/gwaei-3.6.2/src/gwaei/addvocabularywindow.c:342:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    has_kanji = (strlen (kanji) > 0);
data/gwaei-3.6.2/src/gwaei/addvocabularywindow.c:343:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    has_furigana = (strlen (furigana) > 0);
data/gwaei-3.6.2/src/gwaei/addvocabularywindow.c:344:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    has_definitions = (strlen (definitions) > 0);
data/gwaei-3.6.2/src/gwaei/addvocabularywindow.c:345:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    has_list = (strlen (list) > 0);
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:242:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (path != NULL && question != NULL && strlen (question) && answer != NULL && strlen (answer))
data/gwaei-3.6.2/src/gwaei/flashcardstore.c:242:86:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (path != NULL && question != NULL && strlen (question) && answer != NULL && strlen (answer))
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:206:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgctxt_len = strlen (msgctxt) + 1;
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:207:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgid_len = strlen (msgid) + 1;
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:252:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgctxt_len = strlen (msgctxt) + 1;
data/gwaei-3.6.2/src/gwaei/include/gwaei/gettext.h:253:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgid_len = strlen (msgid) + 1;
data/gwaei-3.6.2/src/gwaei/kanjipad-candidatearea.c:389:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(priv->kselected, priv->kanji_candidates[j], 2);
data/gwaei-3.6.2/src/gwaei/radicalswindow.c:550:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (radical_ptr != NULL) length += strlen (radical_ptr);
data/gwaei-3.6.2/src/gwaei/radicalswindow.c:608:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length += strlen (text);
data/gwaei-3.6.2/src/gwaei/searchwindow-callbacks.c:1060:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy (query, gtk_entry_get_text (priv->entry), 50);
data/gwaei-3.6.2/src/gwaei/searchwindow-callbacks.c:1067:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(query) == 0 || dictionary == NULL) 
data/gwaei-3.6.2/src/gwaei/searchwindow-callbacks.c:1361:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (text != NULL && strlen(text) > 0)
data/gwaei-3.6.2/src/gwaei/searchwindow-callbacks.c:2014:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (text_query != NULL && strlen(text_query) > 0)
data/gwaei-3.6.2/src/gwaei/searchwindow-output.c:90:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (furigana == NULL || strlen (furigana) == 0)
data/gwaei-3.6.2/src/gwaei/searchwindow.c:446:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    gtk_editable_set_position (GTK_EDITABLE (priv->entry), start + strlen(TEXT));
data/gwaei-3.6.2/src/gwaei/searchwindow.c:1179:83:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (priv->keep_searching_delay >= GW_SEARCHWINDOW_KEEP_SEARCHING_MAX_DELAY || strlen(query) == 0)
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:81:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buffer = g_new (gchar, strlen(replacement) + strlen(query));
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:81:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buffer = g_new (gchar, strlen(replacement) + strlen(query));
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:85:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(buffer, query, start_offset);
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:90:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (index >= start_offset + strlen(replacement))
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:91:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      index += strlen(buffer) - strlen(query);
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:91:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      index += strlen(buffer) - strlen(query);
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:223:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        start_offset += strlen(*iter) + 1;
data/gwaei-3.6.2/src/gwaei/spellcheck-callbacks.c:226:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (*iter != NULL) end_offset = start_offset + strlen(*iter);
data/gwaei-3.6.2/src/gwaei/spellcheck.c:140:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            length = strlen (locale);
data/gwaei-3.6.2/src/gwaei/spellcheck.c:231:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (priv->handle == NULL && strncmp("auto", preferred, strlen("auto")) != 0)
data/gwaei-3.6.2/src/gwaei/spellcheck.c:235:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (priv->handle == NULL && strncmp("en", locale, strlen("en")) == 0)
data/gwaei-3.6.2/src/gwaei/spellcheck.c:815:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    while (*iter != NULL && start_offset + strlen(*iter) < index)
data/gwaei-3.6.2/src/gwaei/spellcheck.c:817:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      start_offset += strlen(*iter) + 1;
data/gwaei-3.6.2/src/gwaei/spellcheck.c:821:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    end_offset = start_offset + strlen(*iter);
data/gwaei-3.6.2/src/gwaei/window.c:375:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      while (*ptr != NULL && strncmp(*ptr, NAME, strlen(NAME)) != 0) ptr++;
data/gwaei-3.6.2/src/gwaei/window.c:426:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        while (*ptr != NULL && strncmp(*ptr, NAME, strlen(NAME)) != 0) ptr++;
data/gwaei-3.6.2/src/kpengine/jstroke/pilotcompat.h:48:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define StrLen strlen
data/gwaei-3.6.2/src/kpengine/kpengine.c:140:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      while ((strlen(buffer) == buflen - 1) && (buffer[buflen-2] != '\n'))
data/gwaei-3.6.2/src/libwaei/dictionary.c:365:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    start = TYPENAME + strlen("Lw");
data/gwaei-3.6.2/src/libwaei/dictionary.c:366:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    end = TYPENAME + strlen(TYPENAME) - strlen("Dictionary");
data/gwaei-3.6.2/src/libwaei/dictionary.c:366:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    end = TYPENAME + strlen(TYPENAME) - strlen("Dictionary");
data/gwaei-3.6.2/src/libwaei/edictionary.c:204:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (ptr != NULL) bytes_read += strlen(result->text);
data/gwaei-3.6.2/src/libwaei/edictionary.c:208:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bytes_read += strlen(result->text);
data/gwaei-3.6.2/src/libwaei/exampledictionary.c:204:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        length = strlen(result->text);
data/gwaei-3.6.2/src/libwaei/exampledictionary.c:235:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length = strlen(ptr);
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:206:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgctxt_len = strlen (msgctxt) + 1;
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:207:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgid_len = strlen (msgid) + 1;
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:252:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgctxt_len = strlen (msgctxt) + 1;
data/gwaei-3.6.2/src/libwaei/include/libwaei/gettext.h:253:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgid_len = strlen (msgid) + 1;
data/gwaei-3.6.2/src/libwaei/io.c:160:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    size_t read, source_bytes_left, target_bytes_left;
data/gwaei-3.6.2/src/libwaei/io.c:177:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      source_bytes_left = read;
data/gwaei-3.6.2/src/libwaei/io.c:473:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      curpos += strlen (kanji_input);
data/gwaei-3.6.2/src/libwaei/io.c:629:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      curpos += strlen(buffer);
data/gwaei-3.6.2/src/libwaei/io.c:666:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int read;
data/gwaei-3.6.2/src/libwaei/io.c:683:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          if (read > 0) 
data/gwaei-3.6.2/src/libwaei/io.c:689:42:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            fwrite(buffer, sizeof(char), read, target);
data/gwaei-3.6.2/src/libwaei/io.c:691:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        } while (read > 0);
data/gwaei-3.6.2/src/libwaei/kanjidictionary.c:188:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (ptr != NULL) bytes_read += strlen(result->text);
data/gwaei-3.6.2/src/libwaei/kanjidictionary.c:192:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bytes_read += strlen(result->text);
data/gwaei-3.6.2/src/libwaei/morphology.c:255:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        base_form[strlen(base_form) - 3] = '\0';
data/gwaei-3.6.2/src/libwaei/preferences.c:394:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(output, value, n);
data/gwaei-3.6.2/src/libwaei/unknowndictionary.c:160:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (ptr != NULL) bytes_read += strlen(result->text);
data/gwaei-3.6.2/src/libwaei/utilities.c:383:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char output[strlen(input) + 1];
data/gwaei-3.6.2/src/libwaei/utilities.c:580:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              strlen(input) == 1
data/gwaei-3.6.2/src/libwaei/utilities.c:597:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ん");
data/gwaei-3.6.2/src/libwaei/utilities.c:600:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (strlen(buffer_ptr) == 1 &&
data/gwaei-3.6.2/src/libwaei/utilities.c:609:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "っ");
data/gwaei-3.6.2/src/libwaei/utilities.c:612:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "あ");
data/gwaei-3.6.2/src/libwaei/utilities.c:614:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "い");
data/gwaei-3.6.2/src/libwaei/utilities.c:616:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "う");
data/gwaei-3.6.2/src/libwaei/utilities.c:618:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "え");
data/gwaei-3.6.2/src/libwaei/utilities.c:620:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "お");
data/gwaei-3.6.2/src/libwaei/utilities.c:624:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "か");
data/gwaei-3.6.2/src/libwaei/utilities.c:626:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "き");
data/gwaei-3.6.2/src/libwaei/utilities.c:628:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "く");
data/gwaei-3.6.2/src/libwaei/utilities.c:630:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "け");
data/gwaei-3.6.2/src/libwaei/utilities.c:632:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "こ");
data/gwaei-3.6.2/src/libwaei/utilities.c:642:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "が");
data/gwaei-3.6.2/src/libwaei/utilities.c:644:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぎ");
data/gwaei-3.6.2/src/libwaei/utilities.c:646:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぐ");
data/gwaei-3.6.2/src/libwaei/utilities.c:648:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "げ");
data/gwaei-3.6.2/src/libwaei/utilities.c:650:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ご");
data/gwaei-3.6.2/src/libwaei/utilities.c:661:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "さ");
data/gwaei-3.6.2/src/libwaei/utilities.c:663:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "し");
data/gwaei-3.6.2/src/libwaei/utilities.c:665:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "す");
data/gwaei-3.6.2/src/libwaei/utilities.c:667:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "せ");
data/gwaei-3.6.2/src/libwaei/utilities.c:669:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "そ");
data/gwaei-3.6.2/src/libwaei/utilities.c:679:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ざ");
data/gwaei-3.6.2/src/libwaei/utilities.c:681:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "じ");
data/gwaei-3.6.2/src/libwaei/utilities.c:683:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ず");
data/gwaei-3.6.2/src/libwaei/utilities.c:685:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぜ");
data/gwaei-3.6.2/src/libwaei/utilities.c:687:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぞ");
data/gwaei-3.6.2/src/libwaei/utilities.c:701:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "た");
data/gwaei-3.6.2/src/libwaei/utilities.c:703:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ち");
data/gwaei-3.6.2/src/libwaei/utilities.c:705:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "つ");
data/gwaei-3.6.2/src/libwaei/utilities.c:707:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "て");
data/gwaei-3.6.2/src/libwaei/utilities.c:709:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "と");
data/gwaei-3.6.2/src/libwaei/utilities.c:719:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "だ");
data/gwaei-3.6.2/src/libwaei/utilities.c:721:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぢ");
data/gwaei-3.6.2/src/libwaei/utilities.c:723:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "づ");
data/gwaei-3.6.2/src/libwaei/utilities.c:725:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "で");
data/gwaei-3.6.2/src/libwaei/utilities.c:727:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ど");
data/gwaei-3.6.2/src/libwaei/utilities.c:738:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "な");
data/gwaei-3.6.2/src/libwaei/utilities.c:740:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "に");
data/gwaei-3.6.2/src/libwaei/utilities.c:742:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぬ");
data/gwaei-3.6.2/src/libwaei/utilities.c:744:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ね");
data/gwaei-3.6.2/src/libwaei/utilities.c:746:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "の");
data/gwaei-3.6.2/src/libwaei/utilities.c:757:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "は");
data/gwaei-3.6.2/src/libwaei/utilities.c:759:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ひ");
data/gwaei-3.6.2/src/libwaei/utilities.c:761:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ふ");
data/gwaei-3.6.2/src/libwaei/utilities.c:763:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "へ");
data/gwaei-3.6.2/src/libwaei/utilities.c:765:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ほ");
data/gwaei-3.6.2/src/libwaei/utilities.c:775:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ば");
data/gwaei-3.6.2/src/libwaei/utilities.c:777:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "び");
data/gwaei-3.6.2/src/libwaei/utilities.c:779:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぶ");
data/gwaei-3.6.2/src/libwaei/utilities.c:781:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "べ");
data/gwaei-3.6.2/src/libwaei/utilities.c:783:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぼ");
data/gwaei-3.6.2/src/libwaei/utilities.c:793:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぱ");
data/gwaei-3.6.2/src/libwaei/utilities.c:795:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぴ");
data/gwaei-3.6.2/src/libwaei/utilities.c:797:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぷ");
data/gwaei-3.6.2/src/libwaei/utilities.c:799:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぺ");
data/gwaei-3.6.2/src/libwaei/utilities.c:801:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぽ");
data/gwaei-3.6.2/src/libwaei/utilities.c:812:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ま");
data/gwaei-3.6.2/src/libwaei/utilities.c:814:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "み");
data/gwaei-3.6.2/src/libwaei/utilities.c:816:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "む");
data/gwaei-3.6.2/src/libwaei/utilities.c:818:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "め");
data/gwaei-3.6.2/src/libwaei/utilities.c:820:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "も");
data/gwaei-3.6.2/src/libwaei/utilities.c:831:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "や");
data/gwaei-3.6.2/src/libwaei/utilities.c:833:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ゆ");
data/gwaei-3.6.2/src/libwaei/utilities.c:835:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "よ");
data/gwaei-3.6.2/src/libwaei/utilities.c:839:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ら");
data/gwaei-3.6.2/src/libwaei/utilities.c:841:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "り");
data/gwaei-3.6.2/src/libwaei/utilities.c:843:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "る");
data/gwaei-3.6.2/src/libwaei/utilities.c:845:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "れ");
data/gwaei-3.6.2/src/libwaei/utilities.c:847:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ろ");
data/gwaei-3.6.2/src/libwaei/utilities.c:858:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "わ");
data/gwaei-3.6.2/src/libwaei/utilities.c:864:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "を");
data/gwaei-3.6.2/src/libwaei/utilities.c:877:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぁ");
data/gwaei-3.6.2/src/libwaei/utilities.c:879:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぃ");
data/gwaei-3.6.2/src/libwaei/utilities.c:881:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぅ");
data/gwaei-3.6.2/src/libwaei/utilities.c:883:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぇ");
data/gwaei-3.6.2/src/libwaei/utilities.c:885:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ぉ");
data/gwaei-3.6.2/src/libwaei/utilities.c:899:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
       strcpy(output, "ー");
data/gwaei-3.6.2/src/libwaei/utilities.c:948:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      kana_ptr = &kana_ptr[strlen(kana_ptr)];
data/gwaei-3.6.2/src/libwaei/utilities.c:951:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return (input_ptr != NULL && strlen (input_ptr) == 0);
data/gwaei-3.6.2/src/libwaei/utilities.c:1027:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
        strncpy(ptr, "         ", next - ptr);
data/gwaei-3.6.2/src/libwaei/utilities.c:1165:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buffer = (char*) malloc(sizeof(char) * (strlen(string) * 2) + 1); //max size is if there is a delimitor for every character
data/gwaei-3.6.2/src/libwaei/utilities.c:1177:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strncmp(buffer_ptr, delimitor, strlen(delimitor)) == 0)
data/gwaei-3.6.2/src/libwaei/utilities.c:1188:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          buffer_ptr += strlen(delimitor);
data/gwaei-3.6.2/src/libwaei/utilities.c:1236:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buffer = (char*) malloc(sizeof(char) * (strlen(string) * 2) + 1); //max size is if there is a delimitor for every character
data/gwaei-3.6.2/src/libwaei/utilities.c:1253:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          buffer_ptr += strlen(delimitor);
data/gwaei-3.6.2/src/libwaei/utilities.c:1306:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length += strlen (argv[i]) + 1;
data/gwaei-3.6.2/src/libwaei/utilities.c:1318:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ptr += strlen(argv[i]);
data/gwaei-3.6.2/src/libwaei/utilities.c:1322:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy(ptr, " ");
data/gwaei-3.6.2/src/libwaei/utilities.c:1323:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ptr += strlen(" ");
data/gwaei-3.6.2/src/libwaei/utilities.c:1357:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        text_length += strlen (src_ptr);
data/gwaei-3.6.2/src/libwaei/utilities.c:1396:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buffer = g_new (gchar, strlen(text) + 1);
data/gwaei-3.6.2/src/libwaei/utilities.c:1464:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    delimitor_length = strlen (DELIMITOR);
data/gwaei-3.6.2/src/libwaei/utilities.c:1480:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buffer = g_new (gchar, strlen(TEXT) + (delimitor_length * count) + 1);
data/gwaei-3.6.2/src/libwaei/utilities.c:1526:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    delimitor_length = strlen(DELIMITOR);
data/gwaei-3.6.2/src/libwaei/utilities.c:1538:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buffer = g_new (gchar, strlen(TEXT) + (delimitor_length * count) + 1);
data/gwaei-3.6.2/src/libwaei/utilities.c:1586:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    delimitor_length = strlen(DELIMITOR);
data/gwaei-3.6.2/src/libwaei/utilities.c:1601:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buffer = g_new (gchar, strlen(TEXT) + (delimitor_length * count) + 1);
data/gwaei-3.6.2/src/libwaei/vocabulary.c:56:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          chars += strlen(name) + 1;
data/gwaei-3.6.2/src/libwaei/vocabulary.c:67:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(buffer, ";");
data/gwaei-3.6.2/src/libwaei/vocabulary.c:87:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    g_assert (NAME != NULL && strlen (NAME) > 0);
data/gwaei-3.6.2/src/libwaei/vocabulary.c:145:20:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            while (fgetc(stream) != '\n' && feof(stream) == 0);
data/gwaei-3.6.2/src/waei/console.c:188:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        for (j = strlen(filename); j < 20; j++) printf(" ");
data/gwaei-3.6.2/src/waei/console.c:229:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      for (j = strlen(filename); j < 20; j++) printf(" ");
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:206:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgctxt_len = strlen (msgctxt) + 1;
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:207:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgid_len = strlen (msgid) + 1;
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:252:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgctxt_len = strlen (msgctxt) + 1;
data/gwaei-3.6.2/src/waei/include/waei/gettext.h:253:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgid_len = strlen (msgid) + 1;

ANALYSIS SUMMARY:

Hits = 317
Lines analyzed = 43244 in approximately 0.88 seconds (49059 lines/second)
Physical Source Lines of Code (SLOC) = 29649
Hits@level = [0] 124 [1] 173 [2] 118 [3]  11 [4]  15 [5]   0
Hits@level+ = [0+] 441 [1+] 317 [2+] 144 [3+]  26 [4+]  15 [5+]   0
Hits/KSLOC@level+ = [0+] 14.874 [1+] 10.6918 [2+] 4.85682 [3+] 0.876927 [4+] 0.505919 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.