Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ibus-1.5.23/src/ibus.h
Examining data/ibus-1.5.23/src/ibusaccelgroup.h
Examining data/ibus-1.5.23/src/ibusattribute.h
Examining data/ibus-1.5.23/src/ibusattrlist.h
Examining data/ibus-1.5.23/src/ibusbus.h
Examining data/ibus-1.5.23/src/ibuscomponent.h
Examining data/ibus-1.5.23/src/ibusconfig.h
Examining data/ibus-1.5.23/src/ibusconfigservice.h
Examining data/ibus-1.5.23/src/ibusdebug.h
Examining data/ibus-1.5.23/src/ibusemoji.h
Examining data/ibus-1.5.23/src/ibusengine.h
Examining data/ibus-1.5.23/src/ibusenginedesc.h
Examining data/ibus-1.5.23/src/ibusenginesimple.h
Examining data/ibus-1.5.23/src/ibuserror.h
Examining data/ibus-1.5.23/src/ibusfactory.h
Examining data/ibus-1.5.23/src/ibushotkey.h
Examining data/ibus-1.5.23/src/ibusinputcontext.h
Examining data/ibus-1.5.23/src/ibuskeymap.h
Examining data/ibus-1.5.23/src/ibuskeys.h
Examining data/ibus-1.5.23/src/ibuskeysyms-compat.h
Examining data/ibus-1.5.23/src/ibuskeysyms.h
Examining data/ibus-1.5.23/src/ibuslookuptable.h
Examining data/ibus-1.5.23/src/ibusobject.h
Examining data/ibus-1.5.23/src/ibusobservedpath.h
Examining data/ibus-1.5.23/src/ibuspanelservice.h
Examining data/ibus-1.5.23/src/ibusproperty.h
Examining data/ibus-1.5.23/src/ibusproplist.h
Examining data/ibus-1.5.23/src/ibusproxy.h
Examining data/ibus-1.5.23/src/ibusregistry.h
Examining data/ibus-1.5.23/src/ibusserializable.h
Examining data/ibus-1.5.23/src/ibusservice.h
Examining data/ibus-1.5.23/src/ibusshare.h
Examining data/ibus-1.5.23/src/ibustext.h
Examining data/ibus-1.5.23/src/ibustypes.h
Examining data/ibus-1.5.23/src/ibusunicode.h
Examining data/ibus-1.5.23/src/ibusutil.h
Examining data/ibus-1.5.23/src/ibusxevent.h
Examining data/ibus-1.5.23/src/ibusxml.h
Examining data/ibus-1.5.23/src/ibusenumtypes.h
Examining data/ibus-1.5.23/src/ibusversion.h
Examining data/ibus-1.5.23/src/gtkimcontextsimpleseqs.h
Examining data/ibus-1.5.23/src/ibuscomposetable.h
Examining data/ibus-1.5.23/src/ibusemojigen.h
Examining data/ibus-1.5.23/src/ibusenginesimpleprivate.h
Examining data/ibus-1.5.23/src/ibusinternal.h
Examining data/ibus-1.5.23/src/ibusunicodegen.h
Examining data/ibus-1.5.23/src/keyname-table.h
Examining data/ibus-1.5.23/src/ibuscomposetable.c
Examining data/ibus-1.5.23/src/ibusenumtypes.c
Examining data/ibus-1.5.23/src/ibusmarshalers.c
Examining data/ibus-1.5.23/src/ibusaccelgroup.c
Examining data/ibus-1.5.23/src/ibusattribute.c
Examining data/ibus-1.5.23/src/ibusattrlist.c
Examining data/ibus-1.5.23/src/ibusbus.c
Examining data/ibus-1.5.23/src/ibuscomponent.c
Examining data/ibus-1.5.23/src/ibusconfig.c
Examining data/ibus-1.5.23/src/ibusconfigservice.c
Examining data/ibus-1.5.23/src/ibusemoji.c
Examining data/ibus-1.5.23/src/ibusengine.c
Examining data/ibus-1.5.23/src/ibusenginedesc.c
Examining data/ibus-1.5.23/src/ibusenginesimple.c
Examining data/ibus-1.5.23/src/ibuserror.c
Examining data/ibus-1.5.23/src/ibusfactory.c
Examining data/ibus-1.5.23/src/ibushotkey.c
Examining data/ibus-1.5.23/src/ibusinputcontext.c
Examining data/ibus-1.5.23/src/ibuskeymap.c
Examining data/ibus-1.5.23/src/ibuskeynames.c
Examining data/ibus-1.5.23/src/ibuskeyuni.c
Examining data/ibus-1.5.23/src/ibuslookuptable.c
Examining data/ibus-1.5.23/src/ibusobject.c
Examining data/ibus-1.5.23/src/ibusobservedpath.c
Examining data/ibus-1.5.23/src/ibusproperty.c
Examining data/ibus-1.5.23/src/ibusproplist.c
Examining data/ibus-1.5.23/src/ibusproxy.c
Examining data/ibus-1.5.23/src/ibusregistry.c
Examining data/ibus-1.5.23/src/ibusserializable.c
Examining data/ibus-1.5.23/src/ibusservice.c
Examining data/ibus-1.5.23/src/ibustext.c
Examining data/ibus-1.5.23/src/ibusunicode.c
Examining data/ibus-1.5.23/src/ibusutil.c
Examining data/ibus-1.5.23/src/ibusxevent.c
Examining data/ibus-1.5.23/src/ibusxml.c
Examining data/ibus-1.5.23/src/emoji-parser.c
Examining data/ibus-1.5.23/src/unicode-parser.c
Examining data/ibus-1.5.23/src/tests/ibus-bus.c
Examining data/ibus-1.5.23/src/tests/ibus-compose.c
Examining data/ibus-1.5.23/src/tests/ibus-config.c
Examining data/ibus-1.5.23/src/tests/ibus-configservice.c
Examining data/ibus-1.5.23/src/tests/ibus-engine-switch.c
Examining data/ibus-1.5.23/src/tests/ibus-factory.c
Examining data/ibus-1.5.23/src/tests/ibus-inputcontext.c
Examining data/ibus-1.5.23/src/tests/ibus-inputcontext-create.c
Examining data/ibus-1.5.23/src/tests/ibus-keynames.c
Examining data/ibus-1.5.23/src/tests/ibus-keypress.c
Examining data/ibus-1.5.23/src/tests/ibus-registry.c
Examining data/ibus-1.5.23/src/tests/ibus-serializable.c
Examining data/ibus-1.5.23/src/tests/ibus-share.c
Examining data/ibus-1.5.23/src/tests/ibus-util.c
Examining data/ibus-1.5.23/src/ibusshare.c
Examining data/ibus-1.5.23/src/ibuspanelservice.c
Examining data/ibus-1.5.23/bindings/vala/candidatearea.c
Examining data/ibus-1.5.23/bindings/vala/emojier.c
Examining data/ibus-1.5.23/bindings/vala/iconwidget.c
Examining data/ibus-1.5.23/bindings/vala/pango.c
Examining data/ibus-1.5.23/bindings/vala/separator.c
Examining data/ibus-1.5.23/util/IMdkit/FrameMgr.h
Examining data/ibus-1.5.23/util/IMdkit/IMdkit.h
Examining data/ibus-1.5.23/util/IMdkit/Xi18n.h
Examining data/ibus-1.5.23/util/IMdkit/Xi18nX.h
Examining data/ibus-1.5.23/util/IMdkit/XimFunc.h
Examining data/ibus-1.5.23/util/IMdkit/XimProto.h
Examining data/ibus-1.5.23/util/IMdkit/Xtrans.h
Examining data/ibus-1.5.23/util/IMdkit/FrameMgr.c
Examining data/ibus-1.5.23/util/IMdkit/i18nAttr.c
Examining data/ibus-1.5.23/util/IMdkit/i18nClbk.c
Examining data/ibus-1.5.23/util/IMdkit/i18nIc.c
Examining data/ibus-1.5.23/util/IMdkit/i18nIMProto.c
Examining data/ibus-1.5.23/util/IMdkit/i18nMethod.c
Examining data/ibus-1.5.23/util/IMdkit/i18nOffsetCache.c
Examining data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c
Examining data/ibus-1.5.23/util/IMdkit/i18nUtil.c
Examining data/ibus-1.5.23/util/IMdkit/i18nX.c
Examining data/ibus-1.5.23/util/IMdkit/IMConn.c
Examining data/ibus-1.5.23/util/IMdkit/IMMethod.c
Examining data/ibus-1.5.23/util/IMdkit/IMValues.c
Examining data/ibus-1.5.23/conf/dconf/main.c
Examining data/ibus-1.5.23/conf/dconf/config.c
Examining data/ibus-1.5.23/conf/dconf/config-private.h
Examining data/ibus-1.5.23/conf/memconf/main.c
Examining data/ibus-1.5.23/conf/memconf/config.c
Examining data/ibus-1.5.23/conf/memconf/config.h
Examining data/ibus-1.5.23/client/gtk2/ibusim.c
Examining data/ibus-1.5.23/client/gtk2/ibusimcontext.c
Examining data/ibus-1.5.23/client/gtk2/ibusimcontext.h
Examining data/ibus-1.5.23/client/gtk3/ibusim.c
Examining data/ibus-1.5.23/client/gtk3/ibusimcontext.c
Examining data/ibus-1.5.23/client/gtk3/ibusimcontext.h
Examining data/ibus-1.5.23/client/x11/gdk-private.h
Examining data/ibus-1.5.23/client/x11/locales.h
Examining data/ibus-1.5.23/client/x11/main.c
Examining data/ibus-1.5.23/client/x11/gdk-private.c
Examining data/ibus-1.5.23/client/wayland/input-method-unstable-v1-client-protocol.h
Examining data/ibus-1.5.23/client/wayland/input-method-unstable-v1-protocol.c
Examining data/ibus-1.5.23/client/wayland/main.c
Examining data/ibus-1.5.23/portal/portal.c
Examining data/ibus-1.5.23/portal/ibus-portal-dbus.c
Examining data/ibus-1.5.23/portal/ibus-portal-dbus.h
Examining data/ibus-1.5.23/engine/main.c
Examining data/ibus-1.5.23/ui/gtk3/application.c
Examining data/ibus-1.5.23/ui/gtk3/bindingcommon.c
Examining data/ibus-1.5.23/ui/gtk3/candidatearea.c
Examining data/ibus-1.5.23/ui/gtk3/candidatepanel.c
Examining data/ibus-1.5.23/ui/gtk3/emojier.c
Examining data/ibus-1.5.23/ui/gtk3/handle.c
Examining data/ibus-1.5.23/ui/gtk3/iconwidget.c
Examining data/ibus-1.5.23/ui/gtk3/indicator.c
Examining data/ibus-1.5.23/ui/gtk3/keybindingmanager.c
Examining data/ibus-1.5.23/ui/gtk3/panel.c
Examining data/ibus-1.5.23/ui/gtk3/pango.c
Examining data/ibus-1.5.23/ui/gtk3/property.c
Examining data/ibus-1.5.23/ui/gtk3/propertypanel.c
Examining data/ibus-1.5.23/ui/gtk3/separator.c
Examining data/ibus-1.5.23/ui/gtk3/switcher.c
Examining data/ibus-1.5.23/ui/gtk3/xkblayout.c
Examining data/ibus-1.5.23/ui/gtk3/extension.c
Examining data/ibus-1.5.23/ui/gtk3/panelbinding.c
Examining data/ibus-1.5.23/ui/gtk3/emojierapp.c
Examining data/ibus-1.5.23/ui/gtk3/gen-notification-item.xml.c
Examining data/ibus-1.5.23/ui/gtk3/gen-notification-watcher.xml.c
Examining data/ibus-1.5.23/ui/gtk3/ibusemojidialog.h
Examining data/ibus-1.5.23/tools/main.c
Examining data/ibus-1.5.23/bus/component.c
Examining data/ibus-1.5.23/bus/component.h
Examining data/ibus-1.5.23/bus/dbusimpl.c
Examining data/ibus-1.5.23/bus/dbusimpl.h
Examining data/ibus-1.5.23/bus/ibusimpl.c
Examining data/ibus-1.5.23/bus/ibusimpl.h
Examining data/ibus-1.5.23/bus/inputcontext.c
Examining data/ibus-1.5.23/bus/inputcontext.h
Examining data/ibus-1.5.23/bus/engineproxy.c
Examining data/ibus-1.5.23/bus/engineproxy.h
Examining data/ibus-1.5.23/bus/panelproxy.c
Examining data/ibus-1.5.23/bus/panelproxy.h
Examining data/ibus-1.5.23/bus/factoryproxy.c
Examining data/ibus-1.5.23/bus/factoryproxy.h
Examining data/ibus-1.5.23/bus/global.c
Examining data/ibus-1.5.23/bus/global.h
Examining data/ibus-1.5.23/bus/server.c
Examining data/ibus-1.5.23/bus/server.h
Examining data/ibus-1.5.23/bus/connection.c
Examining data/ibus-1.5.23/bus/connection.h
Examining data/ibus-1.5.23/bus/matchrule.c
Examining data/ibus-1.5.23/bus/matchrule.h
Examining data/ibus-1.5.23/bus/marshalers.c
Examining data/ibus-1.5.23/bus/marshalers.h
Examining data/ibus-1.5.23/bus/types.h
Examining data/ibus-1.5.23/bus/main.c
Examining data/ibus-1.5.23/bus/test-matchrule.c
Examining data/ibus-1.5.23/bus/test-client.c
Examining data/ibus-1.5.23/bus/test-client.h
Examining data/ibus-1.5.23/bus/test-stress.c

FINAL RESULTS:

data/ibus-1.5.23/bus/server.c:66:17:  [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or
  change the link content, a race condition results. Also, it does not
  terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
            r = readlink (proclnk, filename, MAXSIZE);
data/ibus-1.5.23/bus/server.c:80:5:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    execv (exe, g_argv);
data/ibus-1.5.23/bus/server.c:88:9:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        execv (exe, g_argv);
data/ibus-1.5.23/src/emoji-parser.c:801:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (head, shortname + 1);
data/ibus-1.5.23/src/ibusaccelgroup.c:477:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_release);
data/ibus-1.5.23/src/ibusaccelgroup.c:481:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_primary);
data/ibus-1.5.23/src/ibusaccelgroup.c:487:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_shift);
data/ibus-1.5.23/src/ibusaccelgroup.c:491:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_control);
data/ibus-1.5.23/src/ibusaccelgroup.c:495:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_mod1);
data/ibus-1.5.23/src/ibusaccelgroup.c:499:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_mod2);
data/ibus-1.5.23/src/ibusaccelgroup.c:503:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_mod3);
data/ibus-1.5.23/src/ibusaccelgroup.c:507:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_mod4);
data/ibus-1.5.23/src/ibusaccelgroup.c:511:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_mod5);
data/ibus-1.5.23/src/ibusaccelgroup.c:515:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_meta);
data/ibus-1.5.23/src/ibusaccelgroup.c:519:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_hyper);
data/ibus-1.5.23/src/ibusaccelgroup.c:523:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy (accelerator + l, text_super);
data/ibus-1.5.23/src/ibusaccelgroup.c:526:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (accelerator + l, keyval_name);
data/ibus-1.5.23/util/IMdkit/i18nIc.c:542:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(attr_ret[n].name, xic_attr[j].name);
data/ibus-1.5.23/util/IMdkit/i18nIc.c:563:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(attr_ret[n].name, xic_attr[j].name);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:169:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy ((*p_encoding)->supported_encodings[i],
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:194:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy (address->im_locale, p->value);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:206:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(address->im_addr, p->value);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:218:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy (address->im_name, p->value);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:344:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy (p->value, address->im_locale);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:352:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy (p->value, address->im_addr);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:362:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy (p->value, address->im_name);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:50:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	fprintf(stderr, msg);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:392:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy (ext_list[i].name, im_ext[i].name);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:410:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy (ext_list[n].name, im_ext[i].name);
data/ibus-1.5.23/bus/test-stress.c:92:23:  [3] (random) g_rand_int_range:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        if(count>0 || g_rand_int_range (rnd, 0, 5) == 0) {
data/ibus-1.5.23/bus/test-stress.c:95:25:  [3] (random) g_rand_int_range:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                count = g_rand_int_range (rnd, 0, MAX_RANDOM_SPACE) + 1;
data/ibus-1.5.23/bus/test-stress.c:104:22:  [3] (random) g_rand_int_range:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
            keysym = g_rand_int_range (rnd, 0, 'z'-'a'+1) + 'a';
data/ibus-1.5.23/client/x11/main.c:1176:13:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
        c = getopt_long (argc, argv, "v:n:l:k:a",
data/ibus-1.5.23/engine/main.c:232:11:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	_tmp3_ = g_get_home_dir ();
data/ibus-1.5.23/src/ibusenginesimple.c:1782:16:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
        home = g_get_home_dir ();
data/ibus-1.5.23/src/ibusobservedpath.c:224:32:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
        const gchar *homedir = g_get_home_dir ();
data/ibus-1.5.23/ui/gtk3/xkblayout.c:1142:11:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	_tmp0_ = g_get_home_dir ();
data/ibus-1.5.23/bus/main.c:161:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        open("/dev/null",O_RDWR);
data/ibus-1.5.23/bus/server.c:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char proclnk[MAXSIZE];
data/ibus-1.5.23/bus/server.c:53:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXSIZE];
data/ibus-1.5.23/client/x11/main.c:1184:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                g_debug_level = atoi (optarg);
data/ibus-1.5.23/client/x11/main.c:1209:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            g_debug_level = atoi (optarg);
data/ibus-1.5.23/src/ibuscomposetable.c:763:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (retval->data, data, data_length * sizeof (guint16));
data/ibus-1.5.23/src/ibuscomposetable.c:797:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (retval->priv->data_first,
data/ibus-1.5.23/src/ibuscomposetable.c:816:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (retval->priv->data_second,
data/ibus-1.5.23/src/ibusenginedesc.c:743:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            desc->priv->rank = atoi (sub_node->text);
data/ibus-1.5.23/src/ibusenginesimple.c:906:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (combination_buffer_temp,
data/ibus-1.5.23/src/ibusenginesimple.c:916:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy (combination_buffer,
data/ibus-1.5.23/src/ibusobservedpath.c:372:20:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            hash = atol (attr[1]);
data/ibus-1.5.23/src/ibusobservedpath.c:412:27:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            path->mtime = atol (attr[1]);
data/ibus-1.5.23/src/ibusregistry.c:450:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (p, (gchar *) &intval, 4);
data/ibus-1.5.23/src/ibusregistry.c:454:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (p, (gchar *) &intval, 4);
data/ibus-1.5.23/src/ibusshare.c:265:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    pf = fopen (ibus_get_socket_path (), "r");
data/ibus-1.5.23/src/ibusshare.c:290:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            pid = atoi(p + sizeof ("IBUS_DAEMON_PID=") - 1);
data/ibus-1.5.23/src/ibusshare.c:342:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    pf = fopen (socket_path, "w");
data/ibus-1.5.23/src/ibusutil.c:179:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char first[8] = { 0 };
data/ibus-1.5.23/src/ibusxml.c:200:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *pf = fopen (filename, "r");
data/ibus-1.5.23/tools/main.c:2099:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (dup, self, sizeof (CommandEntry));
data/ibus-1.5.23/ui/gtk3/panel.c:2923:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	major1 = atoi (_tmp7_);
data/ibus-1.5.23/ui/gtk3/panel.c:2927:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	minor1 = atoi (_tmp9_);
data/ibus-1.5.23/ui/gtk3/panel.c:2931:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	micro1 = atoi (_tmp11_);
data/ibus-1.5.23/ui/gtk3/panel.c:2935:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	major2 = atoi (_tmp13_);
data/ibus-1.5.23/ui/gtk3/panel.c:2939:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	minor2 = atoi (_tmp15_);
data/ibus-1.5.23/ui/gtk3/panel.c:2943:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	micro2 = atoi (_tmp17_);
data/ibus-1.5.23/util/IMdkit/FrameMgr.c:466:13:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            bcopy (*(char **) data, fm->area + fm->idx, info.num);
data/ibus-1.5.23/util/IMdkit/Xtrans.h:144:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char	addr[XTRANS_MAX_ADDR_LEN];
data/ibus-1.5.23/util/IMdkit/i18nIc.c:109:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((char *) *value_buf)[base_length] = (char) 0;
data/ibus-1.5.23/util/IMdkit/i18nIc.c:704:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	((char *)attrib_list[attrib_num].value)[value_length] = '\0';
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:509:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:597:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:701:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[4096];
data/ibus-1.5.23/util/IMdkit/i18nX.c:194:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (p, prop + (offset % 4), length);
data/ibus-1.5.23/util/IMdkit/i18nX.c:282:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (atomName,
data/ibus-1.5.23/util/IMdkit/i18nX.c:308:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char atomName[16];
data/ibus-1.5.23/util/IMdkit/i18nX.c:351:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char buffer[XCM_DATA_LIMIT];
data/ibus-1.5.23/bindings/vala/candidatearea.c:615:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						_tmp26_ = strlen (_tmp25_);
data/ibus-1.5.23/bindings/vala/candidatearea.c:639:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						_tmp44_ = strlen (_tmp43_);
data/ibus-1.5.23/bindings/vala/emojier.c:1161:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				_tmp14_ = strlen (_tmp13_);
data/ibus-1.5.23/bindings/vala/emojier.c:1168:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp17_ = strlen (_tmp16_);
data/ibus-1.5.23/bindings/vala/emojier.c:1810:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		_tmp1_ = strlen (self);
data/ibus-1.5.23/bindings/vala/emojier.c:2333:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				_tmp5_ = strlen (_tmp4_);
data/ibus-1.5.23/bindings/vala/emojier.c:2340:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp8_ = strlen (_tmp7_);
data/ibus-1.5.23/bindings/vala/emojier.c:2402:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				_tmp7_ = strlen (_tmp6_);
data/ibus-1.5.23/bindings/vala/emojier.c:2409:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp10_ = strlen (_tmp9_);
data/ibus-1.5.23/bindings/vala/emojier.c:4345:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp0_ = strlen (annotation);
data/ibus-1.5.23/bindings/vala/emojier.c:4378:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp6_ = strlen (_tmp5_);
data/ibus-1.5.23/bindings/vala/emojier.c:4687:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp3_ = strlen (_tmp2_);
data/ibus-1.5.23/bindings/vala/emojier.c:4699:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp7_ = strlen (_tmp6_);
data/ibus-1.5.23/bindings/vala/emojier.c:6305:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		_tmp6_ = strlen (_tmp5_);
data/ibus-1.5.23/bindings/vala/emojier.c:6936:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp1_ = strlen (annotation);
data/ibus-1.5.23/bindings/vala/emojier.c:8413:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp8_ = strlen (_tmp7_);
data/ibus-1.5.23/bindings/vala/emojier.c:8438:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp14_ = strlen (_tmp13_);
data/ibus-1.5.23/bindings/vala/emojier.c:8525:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp8_ = strlen (_tmp7_);
data/ibus-1.5.23/bindings/vala/emojier.c:8550:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp14_ = strlen (_tmp13_);
data/ibus-1.5.23/bus/server.c:87:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        exe [strlen (exe) - sizeof (suffix) + 1] = '\0';
data/ibus-1.5.23/bus/server.c:214:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        gchar *sub2 = g_strdup (p + strlen (variable));                 \
data/ibus-1.5.23/bus/server.c:262:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        unix_dir = g_strdup (socket_address + strlen (prefix));         \
data/ibus-1.5.23/client/gtk2/ibusimcontext.c:1389:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    g_return_if_fail (strlen (text) >= len);
data/ibus-1.5.23/client/gtk3/ibusimcontext.c:1389:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    g_return_if_fail (strlen (text) >= len);
data/ibus-1.5.23/client/x11/main.c:255:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        text.length = strlen ((char*)tp.value);
data/ibus-1.5.23/src/emoji-parser.c:374:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            } else if (value[0] == '[' && value[strlen(value) - 1] == ']') {
data/ibus-1.5.23/src/emoji-parser.c:377:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                data->emoji = g_strndup (value + 1, strlen(value) - 2);
data/ibus-1.5.23/src/emoji-parser.c:566:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tag_length = strlen (EMOJI_VERSION_TAG);
data/ibus-1.5.23/src/emoji-parser.c:567:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen (line) > tag_length &&
data/ibus-1.5.23/src/emoji-parser.c:572:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tag_length = strlen (EMOJI_GROUP_TAG);
data/ibus-1.5.23/src/emoji-parser.c:573:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen (line) > tag_length &&
data/ibus-1.5.23/src/emoji-parser.c:580:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tag_length = strlen (EMOJI_SUBGROUP_TAG);
data/ibus-1.5.23/src/emoji-parser.c:581:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen (line) > tag_length &&
data/ibus-1.5.23/src/emoji-parser.c:595:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tag_length = strlen (EMOJI_NON_FULLY_QUALIFIED_TAG);
data/ibus-1.5.23/src/emoji-parser.c:799:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen (shortname);
data/ibus-1.5.23/src/ibusaccelgroup.c:303:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen (accelerator);
data/ibus-1.5.23/src/ibusaccelgroup.c:463:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l += strlen (keyval_name);
data/ibus-1.5.23/src/ibusenginesimple.c:389:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen (priv->tentative_emoji);
data/ibus-1.5.23/src/ibusenginesimple.c:515:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int length = strlen (keys->data);
data/ibus-1.5.23/src/ibusenginesimple.c:1817:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                         strlen (*sys_lang)) == 0) {
data/ibus-1.5.23/src/ibusobservedpath.c:501:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            file += strlen (path);
data/ibus-1.5.23/src/ibusxml.c:272:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        retval = g_markup_parse_context_parse (context, buffer, strlen (buffer), &error);
data/ibus-1.5.23/src/unicode-parser.c:125:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen (line) > 4 && strncmp (line, "@@@", 3) == 0) {
data/ibus-1.5.23/src/unicode-parser.c:128:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            strlen (NAMES_LIST_SUBJECT)) == 0) {
data/ibus-1.5.23/src/unicode-parser.c:130:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    g_strdup (elements[1] + strlen (NAMES_LIST_SUBJECT) + 1);
data/ibus-1.5.23/src/unicode-parser.c:217:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen (line) > strlen (BLOCKS_SUBJECT) &&
data/ibus-1.5.23/src/unicode-parser.c:217:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen (line) > strlen (BLOCKS_SUBJECT) &&
data/ibus-1.5.23/src/unicode-parser.c:218:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncmp (line, BLOCKS_SUBJECT, strlen (BLOCKS_SUBJECT)) == 0) {
data/ibus-1.5.23/src/unicode-parser.c:219:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            unicode_version = g_strdup (line + strlen (BLOCKS_SUBJECT) + 1);
data/ibus-1.5.23/ui/gtk3/candidatearea.c:615:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						_tmp26_ = strlen (_tmp25_);
data/ibus-1.5.23/ui/gtk3/candidatearea.c:639:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						_tmp44_ = strlen (_tmp43_);
data/ibus-1.5.23/ui/gtk3/candidatepanel.c:555:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		_tmp16_ = strlen (_tmp15_);
data/ibus-1.5.23/ui/gtk3/candidatepanel.c:587:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		_tmp3_ = strlen (_tmp2_);
data/ibus-1.5.23/ui/gtk3/emojier.c:1161:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				_tmp14_ = strlen (_tmp13_);
data/ibus-1.5.23/ui/gtk3/emojier.c:1168:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp17_ = strlen (_tmp16_);
data/ibus-1.5.23/ui/gtk3/emojier.c:1810:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		_tmp1_ = strlen (self);
data/ibus-1.5.23/ui/gtk3/emojier.c:2333:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				_tmp5_ = strlen (_tmp4_);
data/ibus-1.5.23/ui/gtk3/emojier.c:2340:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp8_ = strlen (_tmp7_);
data/ibus-1.5.23/ui/gtk3/emojier.c:2402:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				_tmp7_ = strlen (_tmp6_);
data/ibus-1.5.23/ui/gtk3/emojier.c:2409:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp10_ = strlen (_tmp9_);
data/ibus-1.5.23/ui/gtk3/emojier.c:4345:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp0_ = strlen (annotation);
data/ibus-1.5.23/ui/gtk3/emojier.c:4378:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp6_ = strlen (_tmp5_);
data/ibus-1.5.23/ui/gtk3/emojier.c:4687:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp3_ = strlen (_tmp2_);
data/ibus-1.5.23/ui/gtk3/emojier.c:4699:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp7_ = strlen (_tmp6_);
data/ibus-1.5.23/ui/gtk3/emojier.c:6305:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		_tmp6_ = strlen (_tmp5_);
data/ibus-1.5.23/ui/gtk3/emojier.c:6936:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp1_ = strlen (annotation);
data/ibus-1.5.23/ui/gtk3/emojier.c:8413:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp8_ = strlen (_tmp7_);
data/ibus-1.5.23/ui/gtk3/emojier.c:8438:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp14_ = strlen (_tmp13_);
data/ibus-1.5.23/ui/gtk3/emojier.c:8525:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp8_ = strlen (_tmp7_);
data/ibus-1.5.23/ui/gtk3/emojier.c:8550:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp14_ = strlen (_tmp13_);
data/ibus-1.5.23/ui/gtk3/panel.c:3922:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp2_ = strlen (symbol);
data/ibus-1.5.23/ui/gtk3/panel.c:5394:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp0_ = strlen (self);
data/ibus-1.5.23/ui/gtk3/panel.c:5548:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			_tmp27_ = strlen (_tmp26_);
data/ibus-1.5.23/ui/gtk3/panelbinding.c:502:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp0_ = strlen (text);
data/ibus-1.5.23/ui/gtk3/panelbinding.c:586:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp0_ = strlen (self);
data/ibus-1.5.23/ui/gtk3/panelbinding.c:655:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp4_ = strlen (_tmp3_);
data/ibus-1.5.23/ui/gtk3/panelbinding.c:688:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp17_ = strlen (_tmp16_);
data/ibus-1.5.23/ui/gtk3/panelbinding.c:718:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp4_ = strlen (_tmp3_);
data/ibus-1.5.23/ui/gtk3/panelbinding.c:943:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp5_ = strlen (_tmp4_);
data/ibus-1.5.23/ui/gtk3/panelbinding.c:978:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp0_ = strlen (extension_name);
data/ibus-1.5.23/ui/gtk3/panelbinding.c:2257:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		_tmp8_ = strlen (_tmp7_);
data/ibus-1.5.23/ui/gtk3/switcher.c:1214:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp0_ = strlen (self);
data/ibus-1.5.23/ui/gtk3/switcher.c:1313:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp13_ = strlen (_tmp12_);
data/ibus-1.5.23/ui/gtk3/switcher.c:1473:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp10_ = strlen (_tmp9_);
data/ibus-1.5.23/ui/gtk3/xkblayout.c:266:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	_tmp0_ = strlen (self);
data/ibus-1.5.23/ui/gtk3/xkblayout.c:485:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp27_ = strlen (_tmp26_);
data/ibus-1.5.23/ui/gtk3/xkblayout.c:488:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp30_ = strlen (_tmp29_);
data/ibus-1.5.23/ui/gtk3/xkblayout.c:529:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp44_ = strlen (_tmp43_);
data/ibus-1.5.23/ui/gtk3/xkblayout.c:532:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp47_ = strlen (_tmp46_);
data/ibus-1.5.23/ui/gtk3/xkblayout.c:573:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp61_ = strlen (_tmp60_);
data/ibus-1.5.23/ui/gtk3/xkblayout.c:576:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					_tmp64_ = strlen (_tmp63_);
data/ibus-1.5.23/util/IMdkit/i18nAttr.c:119:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p->length = strlen (attr->name);
data/ibus-1.5.23/util/IMdkit/i18nAttr.c:171:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ext_list->length = strlen(ext_list->name);
data/ibus-1.5.23/util/IMdkit/i18nIc.c:108:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy ((char *) (*value_buf), base_name, base_length);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:168:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            = (char *) malloc (strlen (p->supported_encodings[i]) + 1);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:190:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                address->im_locale = (char *) malloc (strlen (p->value) + 1);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:202:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                address->im_addr = (char *) malloc (strlen (p->value) + 1);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:214:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                address->im_name = (char *) malloc (strlen (p->value) + 1);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:340:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p->value = (char *) malloc (strlen (address->im_locale) + 1);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:348:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p->value = (char *) malloc (strlen (address->im_addr) + 1);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:358:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    p->value = (char *) malloc (strlen (address->im_name) + 1);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:725:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                     strlen (buf));
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:956:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        str_length = strlen (call_data->commit_string);
data/ibus-1.5.23/util/IMdkit/i18nMethod.c:988:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        str_length = strlen (call_data->commit_string);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:184:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy (imopen->lang.name, name, str_length);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:215:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        str_size = strlen (i18n_core->address.xim_attr[i].name);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:224:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        str_size = strlen (i18n_core->address.xic_attr[i].name);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:465:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy (query_ext->extension[number].name, name, str_length);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:504:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        str_size = strlen (ext_list[i].name);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:1450:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy (enc_nego->encoding[i].name, name, str_length);
data/ibus-1.5.23/util/IMdkit/i18nPtHdr.c:1475:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy (enc_nego->encodinginfo[i].name, name, str_length);

ANALYSIS SUMMARY:

Hits = 186
Lines analyzed = 155582 in approximately 3.28 seconds (47372 lines/second)
Physical Source Lines of Code (SLOC) = 125490
Hits@level = [0]  32 [1] 111 [2]  38 [3]   8 [4]  28 [5]   1
Hits@level+ = [0+] 218 [1+] 186 [2+]  75 [3+]  37 [4+]  29 [5+]   1
Hits/KSLOC@level+ = [0+] 1.73719 [1+] 1.48219 [2+] 0.597657 [3+] 0.294844 [4+] 0.231094 [5+] 0.00796876
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.