Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ibus-pinyin-1.5.0/lua/test-lua-plugin.c
Examining data/ibus-pinyin-1.5.0/lua/lua-plugin.h
Examining data/ibus-pinyin-1.5.0/lua/lua-ext-console.c
Examining data/ibus-pinyin-1.5.0/lua/lua-plugin-init.c
Examining data/ibus-pinyin-1.5.0/lua/lua-plugin.c
Examining data/ibus-pinyin-1.5.0/lua/lmyoslib.c
Examining data/ibus-pinyin-1.5.0/src/PYFallbackEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYPhoneticEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYRegex.h
Examining data/ibus-pinyin-1.5.0/src/PYPinyinProperties.cc
Examining data/ibus-pinyin-1.5.0/src/PYPhoneticEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYObject.h
Examining data/ibus-pinyin-1.5.0/src/PYHalfFullConverter.h
Examining data/ibus-pinyin-1.5.0/src/PYFallbackEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYDynamicSpecialPhrase.cc
Examining data/ibus-pinyin-1.5.0/src/PYFullPinyinEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYBopomofoEngine.h
Examining data/ibus-pinyin-1.5.0/src/PYPunctEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYBopomofoEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYString.h
Examining data/ibus-pinyin-1.5.0/src/PYEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYRawEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYText.h
Examining data/ibus-pinyin-1.5.0/src/PYPinyinProperties.h
Examining data/ibus-pinyin-1.5.0/src/PYEnglishEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYBopomofoEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYExtEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYMain.cc
Examining data/ibus-pinyin-1.5.0/src/PYSignal.h
Examining data/ibus-pinyin-1.5.0/src/PYDoublePinyinEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYUtil.h
Examining data/ibus-pinyin-1.5.0/src/PYConfig.h
Examining data/ibus-pinyin-1.5.0/src/PYProperty.h
Examining data/ibus-pinyin-1.5.0/src/PYPinyinObserver.cc
Examining data/ibus-pinyin-1.5.0/src/PYLookupTable.h
Examining data/ibus-pinyin-1.5.0/src/PYEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYPointer.h
Examining data/ibus-pinyin-1.5.0/src/PYPinyinEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYTypes.h
Examining data/ibus-pinyin-1.5.0/src/PYBus.h
Examining data/ibus-pinyin-1.5.0/src/PYPinyinObserver.h
Examining data/ibus-pinyin-1.5.0/src/PYPinyinEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYPunctEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYDynamicSpecialPhrase.h
Examining data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYPinyinEngine.h
Examining data/ibus-pinyin-1.5.0/src/PYPunctTable.h
Examining data/ibus-pinyin-1.5.0/src/PYExtEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYHalfFullConverter.cc
Examining data/ibus-pinyin-1.5.0/src/PYDoublePinyinEditor.cc
Examining data/ibus-pinyin-1.5.0/src/PYFullPinyinEditor.h
Examining data/ibus-pinyin-1.5.0/src/PYBopomofoEngine.cc
Examining data/ibus-pinyin-1.5.0/src/PYEngine.cc
Examining data/ibus-pinyin-1.5.0/src/PYEngine.h
Examining data/ibus-pinyin-1.5.0/src/PYPinyinEngine.cc
Examining data/ibus-pinyin-1.5.0/src/PYConfig.cc

FINAL RESULTS:

data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:158:15:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  m_sql.printf (SQL_ATTACH_DB, user_db);
data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:180:15:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  m_sql.printf (SQL_DB_LIST, prefix);
data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:206:15:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  m_sql.printf (SQL_DB_SELECT, word);
data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:225:15:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  m_sql.printf (SQL_DB_UPDATE, freq, word);
data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:235:15:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  m_sql.printf (SQL_DB_INSERT, word, freq);
data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:260:19:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  m_sql.printf (SQL_ATTACH_DB);
data/ibus-pinyin-1.5.0/src/PYString.h:37:14:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  String & printf (const gchar *fmt, ...)
data/ibus-pinyin-1.5.0/lua/lmyoslib.c:101:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cc[3];
data/ibus-pinyin-1.5.0/lua/lmyoslib.c:110:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[200]; /* should be big enough for any conversion result */
data/ibus-pinyin-1.5.0/src/PYDynamicSpecialPhrase.cc:176:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char * numbers [2][10] = {
data/ibus-pinyin-1.5.0/src/PYDynamicSpecialPhrase.cc:224:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  translate_to_longform(gint64 num, const char * number[10], unit_t units[])
data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:291:22:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_unlink(tmpfile);
data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:293:34:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  if (sqlite3_open_v2 (tmpfile, &userdb,
data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:307:22:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_rename(tmpfile, m_user_db);
data/ibus-pinyin-1.5.0/src/PYEnglishEditor.cc:313:19:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_unlink (tmpfile);
data/ibus-pinyin-1.5.0/lua/lua-ext-console.c:81:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_return_val_if_fail(2 == strlen(command_name), 2);
data/ibus-pinyin-1.5.0/lua/lua-ext-console.c:96:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ssize_t read;
data/ibus-pinyin-1.5.0/lua/lua-plugin-init.c:282:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(white_space);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:178:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_orientation = read (CONFIG_ORIENTATION, 0);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:184:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_page_size = read (CONFIG_PAGE_SIZE, 5);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:191:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read (CONFIG_FUZZY_PINYIN, false))
data/ibus-pinyin-1.5.0/src/PYConfig.cc:198:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read (options[i].name,
data/ibus-pinyin-1.5.0/src/PYConfig.cc:212:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  Config::read (const gchar * name,
data/ibus-pinyin-1.5.0/src/PYConfig.cc:229:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  Config::read (const gchar * name,
data/ibus-pinyin-1.5.0/src/PYConfig.cc:246:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  Config::read (const gchar * name,
data/ibus-pinyin-1.5.0/src/PYConfig.cc:411:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_double_pinyin = read (CONFIG_DOUBLE_PINYIN, false);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:412:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_double_pinyin_schema = read (CONFIG_DOUBLE_PINYIN_SCHEMA, 0);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:419:32:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_double_pinyin_show_raw = read (CONFIG_DOUBLE_PINYIN_SHOW_RAW, false);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:422:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_init_chinese = read (CONFIG_INIT_CHINESE, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:423:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_init_full = read (CONFIG_INIT_FULL, false);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:424:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_init_full_punct = read (CONFIG_INIT_FULL_PUNCT, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:425:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_init_simp_chinese = read (CONFIG_INIT_SIMP_CHINESE, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:427:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_special_phrases = read (CONFIG_SPECIAL_PHRASES, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:432:32:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_shift_select_candidate = read (CONFIG_SHIFT_SELECT_CANDIDATE, false);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:433:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_minus_equal_page = read (CONFIG_MINUS_EQUAL_PAGE, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:434:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_comma_period_page = read (CONFIG_COMMA_PERIOD_PAGE, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:435:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_auto_commit = read (CONFIG_AUTO_COMMIT, false);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:438:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read (CONFIG_CORRECT_PINYIN, true))
data/ibus-pinyin-1.5.0/src/PYConfig.cc:445:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read (pinyin_options[i].name,
data/ibus-pinyin-1.5.0/src/PYConfig.cc:561:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_init_chinese = read (CONFIG_INIT_CHINESE, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:562:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_init_full = read (CONFIG_INIT_FULL, false);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:563:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_init_full_punct = read (CONFIG_INIT_FULL_PUNCT, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:564:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_init_simp_chinese = read (CONFIG_INIT_SIMP_CHINESE, false);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:566:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_special_phrases = read (CONFIG_SPECIAL_PHRASES, false);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:570:35:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_bopomofo_keyboard_mapping = read (CONFIG_BOPOMOFO_KEYBOARD_MAPPING, 0);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:574:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_select_keys = read (CONFIG_SELECT_KEYS, 0);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:576:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_guide_key = read (CONFIG_GUIDE_KEY, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:577:32:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_auxiliary_select_key_f = read (CONFIG_AUXILIARY_SELECT_KEY_F, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:578:33:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_auxiliary_select_key_kp = read (CONFIG_AUXILIARY_SELECT_KEY_KP, true);
data/ibus-pinyin-1.5.0/src/PYConfig.cc:579:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_enter_key = read (CONFIG_ENTER_KEY, true);
data/ibus-pinyin-1.5.0/src/PYConfig.h:74:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool read (const gchar * name, bool defval);
data/ibus-pinyin-1.5.0/src/PYConfig.h:75:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  gint read (const gchar * name, gint defval);
data/ibus-pinyin-1.5.0/src/PYConfig.h:76:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string read (const gchar * name, const gchar * defval);
data/ibus-pinyin-1.5.0/src/PYExtEditor.cc:453:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_cursor += strlen(candidate->suggest);

ANALYSIS SUMMARY:

Hits = 54
Lines analyzed = 10021 in approximately 0.25 seconds (40525 lines/second)
Physical Source Lines of Code (SLOC) = 7296
Hits@level = [0]  32 [1]  39 [2]   8 [3]   0 [4]   7 [5]   0
Hits@level+ = [0+]  86 [1+]  54 [2+]  15 [3+]   7 [4+]   7 [5+]   0
Hits/KSLOC@level+ = [0+] 11.7873 [1+] 7.40132 [2+] 2.05592 [3+] 0.95943 [4+] 0.95943 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
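The seven [4] (format) hits are all the same finding: String::printf (const gchar *fmt, ...) in PYString.h is a variadic printf-style wrapper, and flawfinder cannot tell whether the SQL_* macro passed as its first argument expands to a string literal. The compiler can. The following is an added example, not code from ibus-pinyin: a wrapper of the same shape carrying the GCC/Clang format attribute, so that -Wformat -Wformat-security warns at any call site whose format is not a literal, beside the constant-format usage the rule asks for and a small triage helper. The names fmt_into, build_message, render_as_format, render_safe, has_conversion and MSG_FMT are assumptions for this example; the real text of the SQL_* macros and the body of String::printf are not on the page.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Added example, not ibus-pinyin code. Mirrors the shape of the flagged
 * String::printf(const gchar *fmt, ...) wrapper. The format attribute lets
 * GCC/Clang verify every call site: -Wformat -Wformat-security warns when
 * the format is not a literal and no arguments follow; -Wformat-nonliteral
 * warns on any non-literal format at all. */
#if defined(__GNUC__) || defined(__clang__)
#define FMT_PRINTF(fmt_idx, arg_idx) __attribute__((format(printf, fmt_idx, arg_idx)))
#else
#define FMT_PRINTF(fmt_idx, arg_idx)
#endif

/* Hypothetical wrapper: formats into dst and returns the length written,
 * or -1 if the result did not fit (vsnprintf reports the needed length). */
static int fmt_into(char *dst, size_t cap, const char *fmt, ...) FMT_PRINTF(3, 4);

static int fmt_into(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= cap)
        return -1;
    return n;
}

static char g_out[128]; /* scratch buffer shared by the demo functions */

/* Hypothetical constant format, standing in for the SQL_* macros named in
 * the report (their real text is not on the page). */
#define MSG_FMT "word=%s freq=%d"

/* The pattern the report's [4] hits ask for: the format is a compile-time
 * literal and untrusted input only ever travels as an argument. */
const char *build_message(const char *word, int freq)
{
    if (fmt_into(g_out, sizeof g_out, MSG_FMT, word, freq) < 0)
        return NULL;
    return g_out;
}

/* Triage helper: does s contain a conversion specification other than the
 * escaped "%%"? A constant format with none cannot consume arguments, which
 * is one quick check when sorting hits like the report's printf lines. */
int has_conversion(const char *s)
{
    for (const char *p = s; *p; p++) {
        if (*p != '%')
            continue;
        if (p[1] == '%') { /* "%%" prints a literal '%', skip both */
            p++;
            continue;
        }
        return 1;
    }
    return 0;
}

/* CWE-134 as the rule describes it: caller-supplied text used as the format
 * itself. With the attribute above this call is exactly what
 * -Wformat-security reports. The demo refuses any text that would consume
 * arguments (there are none to consume, so that would be undefined
 * behaviour), but still shows that "%%" is interpreted rather than copied. */
const char *render_as_format(const char *user_text)
{
    if (has_conversion(user_text))
        return NULL;
    if (fmt_into(g_out, sizeof g_out, user_text) < 0)
        return NULL;
    return g_out;
}

/* The corrected form of the same call: the text is passed as data, so
 * every '%' in it is printed literally. */
const char *render_safe(const char *user_text)
{
    if (fmt_into(g_out, sizeof g_out, "%s", user_text) < 0)
        return NULL;
    return g_out;
}
```

Compile with `-Wall -Wformat -Wformat-security` (add `-Werror=format-security` in CI) and the call inside render_as_format is reported at build time, while build_message and render_safe are silent; applied to the real String::printf declaration, the same attribute settles the CWE-134 question for all six call sites in PYEnglishEditor.cc without a manual look at each macro. A constant format settles only that question: whether word, prefix and user_db are safe to embed in whatever those formats build is a separate review item that the tool does not assess. The remaining hits can be triaged from the report text alone: the four (tmpfile) hits match a local variable named tmpfile passed to g_unlink, sqlite3_open_v2 and g_rename, not a call to the tmpfile() function the rule describes; the thirty-five (buffer) read hits are the Config::read (const gchar * name, ...) overloads declared in PYConfig.h, a configuration-key lookup rather than read(2) into a buffer, plus the declaration `ssize_t read;` in lua-ext-console.c; and the [2] (buffer) char hits on `static const char * numbers [2][10]` and the `number[10]` parameter are fixed-size tables, not input buffers. That leaves `char cc[3]` and `char buff[200]` in lmyoslib.c and the three strlen sites as the level 1 and 2 hits worth opening in the source.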