Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libfm-1.3.1/src/gtk-compat.h
Examining data/libfm-1.3.1/src/extra/fm-xml-file.h
Examining data/libfm-1.3.1/src/extra/fm-xml-file.c
Examining data/libfm-1.3.1/src/fm-extra.h
Examining data/libfm-1.3.1/src/fm.h
Examining data/libfm-1.3.1/src/job/fm-file-info-job.c
Examining data/libfm-1.3.1/src/job/fm-file-ops-job-delete.h
Examining data/libfm-1.3.1/src/job/fm-file-ops-job-change-attr.h
Examining data/libfm-1.3.1/src/job/fm-dir-list-job.c
Examining data/libfm-1.3.1/src/job/fm-file-ops-job-xfer.h
Examining data/libfm-1.3.1/src/job/fm-file-ops-job-delete.c
Examining data/libfm-1.3.1/src/job/fm-job.c
Examining data/libfm-1.3.1/src/job/fm-simple-job.c
Examining data/libfm-1.3.1/src/job/fm-file-info-job.h
Examining data/libfm-1.3.1/src/job/fm-dir-list-job.h
Examining data/libfm-1.3.1/src/job/fm-simple-job.h
Examining data/libfm-1.3.1/src/job/fm-deep-count-job.c
Examining data/libfm-1.3.1/src/job/fm-file-ops-job.c
Examining data/libfm-1.3.1/src/job/fm-file-ops-job-change-attr.c
Examining data/libfm-1.3.1/src/job/fm-job.h
Examining data/libfm-1.3.1/src/job/fm-file-ops-job-xfer.c
Examining data/libfm-1.3.1/src/job/fm-deep-count-job.h
Examining data/libfm-1.3.1/src/job/fm-file-ops-job.h
Examining data/libfm-1.3.1/src/base/fm-templates.c
Examining data/libfm-1.3.1/src/base/fm-mime-type.c
Examining data/libfm-1.3.1/src/base/fm-marshal.c
Examining data/libfm-1.3.1/src/base/fm-archiver.h
Examining data/libfm-1.3.1/src/base/fm-folder-config.h
Examining data/libfm-1.3.1/src/base/fm-bookmarks.c
Examining data/libfm-1.3.1/src/base/fm-file-launcher.c
Examining data/libfm-1.3.1/src/base/fm-thumbnailer.h
Examining data/libfm-1.3.1/src/base/fm-nav-history.h
Examining data/libfm-1.3.1/src/base/fm-monitor.c
Examining data/libfm-1.3.1/src/base/fm-terminal.h
Examining data/libfm-1.3.1/src/base/fm-utils.h
Examining data/libfm-1.3.1/src/base/fm-file.c
Examining data/libfm-1.3.1/src/base/fm-app-info.h
Examining data/libfm-1.3.1/src/base/fm-action.c
Examining data/libfm-1.3.1/src/base/fm-config.h
Examining data/libfm-1.3.1/src/base/fm-utils.c
Examining data/libfm-1.3.1/src/base/fm-list.h
Examining data/libfm-1.3.1/src/base/fm-list.c
Examining data/libfm-1.3.1/src/base/fm-path.c
Examining data/libfm-1.3.1/src/base/fm-module.c
Examining data/libfm-1.3.1/src/base/fm-folder.c
Examining data/libfm-1.3.1/src/base/fm-monitor.h
Examining data/libfm-1.3.1/src/base/fm-file-info.c
Examining data/libfm-1.3.1/src/base/fm-dummy-monitor.h
Examining data/libfm-1.3.1/src/base/fm-thumbnail-loader.h
Examining data/libfm-1.3.1/src/base/fm-file-launcher.h
Examining data/libfm-1.3.1/src/base/fm-bookmarks.h
Examining data/libfm-1.3.1/src/base/fm-folder.h
Examining data/libfm-1.3.1/src/base/fm-templates.h
Examining data/libfm-1.3.1/src/base/fm-file.h
Examining data/libfm-1.3.1/src/base/fm-app-info.c
Examining data/libfm-1.3.1/src/base/fm-mime-type.h
Examining data/libfm-1.3.1/src/base/fm-thumbnailer.c
Examining data/libfm-1.3.1/src/base/fm-archiver.c
Examining data/libfm-1.3.1/src/base/fm-module.h
Examining data/libfm-1.3.1/src/base/fm-folder-config.c
Examining data/libfm-1.3.1/src/base/fm-icon.c
Examining data/libfm-1.3.1/src/base/fm-marshal.h
Examining data/libfm-1.3.1/src/base/fm-terminal.c
Examining data/libfm-1.3.1/src/base/fm-file-info.h
Examining data/libfm-1.3.1/src/base/fm-dummy-monitor.c
Examining data/libfm-1.3.1/src/base/fm-icon.h
Examining data/libfm-1.3.1/src/base/fm-config.c
Examining data/libfm-1.3.1/src/base/fm-action.h
Examining data/libfm-1.3.1/src/base/fm-thumbnail-loader.c
Examining data/libfm-1.3.1/src/base/fm-nav-history.c
Examining data/libfm-1.3.1/src/base/fm-path.h
Examining data/libfm-1.3.1/src/fm.c
Examining data/libfm-1.3.1/src/fm-gtk.h
Examining data/libfm-1.3.1/src/gtk/fm-path-bar.h
Examining data/libfm-1.3.1/src/gtk/fm-progress-dlg.c
Examining data/libfm-1.3.1/src/gtk/fm-path-bar.c
Examining data/libfm-1.3.1/src/gtk/fm-tab-label.h
Examining data/libfm-1.3.1/src/gtk/fm-path-entry.c
Examining data/libfm-1.3.1/src/gtk/fm-file-properties.c
Examining data/libfm-1.3.1/src/gtk/fm-dnd-auto-scroll.h
Examining data/libfm-1.3.1/src/gtk/fm-cell-renderer-pixbuf.h
Examining data/libfm-1.3.1/src/gtk/fm-cell-renderer-text.h
Examining data/libfm-1.3.1/src/gtk/fm-menu-tool-item.h
Examining data/libfm-1.3.1/src/gtk/fm-tab-label.c
Examining data/libfm-1.3.1/src/gtk/fm-app-chooser-dlg.h
Examining data/libfm-1.3.1/src/gtk/fm-cell-renderer-text.c
Examining data/libfm-1.3.1/src/gtk/fm-app-chooser-combo-box.h
Examining data/libfm-1.3.1/src/gtk/fm-gtk-marshal.c
Examining data/libfm-1.3.1/src/gtk/fm-gtk-file-launcher.c
Examining data/libfm-1.3.1/src/gtk/fm-app-menu-view.h
Examining data/libfm-1.3.1/src/gtk/fm-dnd-src.h
Examining data/libfm-1.3.1/src/gtk/fm-dir-tree-view.c
Examining data/libfm-1.3.1/src/gtk/fm-progress-dlg.h
Examining data/libfm-1.3.1/src/gtk/fm-icon-pixbuf.h
Examining data/libfm-1.3.1/src/gtk/fm-side-pane.h
Examining data/libfm-1.3.1/src/gtk/fm-cell-renderer-pixbuf.c
Examining data/libfm-1.3.1/src/gtk/fm-file-menu.h
Examining data/libfm-1.3.1/src/gtk/fm-gtk-utils.c
Examining data/libfm-1.3.1/src/gtk/fm-thumbnail.c
Examining data/libfm-1.3.1/src/gtk/fm-places-view.c
Examining data/libfm-1.3.1/src/gtk/exo/exo-tree-view.h
Examining data/libfm-1.3.1/src/gtk/exo/exo-string.h
Examining data/libfm-1.3.1/src/gtk/exo/exo-private.h
Examining data/libfm-1.3.1/src/gtk/exo/exo-icon-view.h
Examining data/libfm-1.3.1/src/gtk/exo/exo-icon-view.c
Examining data/libfm-1.3.1/src/gtk/exo/exo-string.c
Examining data/libfm-1.3.1/src/gtk/exo/exo-marshal.h
Examining data/libfm-1.3.1/src/gtk/exo/exo-private.c
Examining data/libfm-1.3.1/src/gtk/exo/exo-marshal.c
Examining data/libfm-1.3.1/src/gtk/exo/exo-tree-view.c
Examining data/libfm-1.3.1/src/gtk/fm-folder-model.h
Examining data/libfm-1.3.1/src/gtk/fm-clipboard.c
Examining data/libfm-1.3.1/src/gtk/fm-thumbnail.h
Examining data/libfm-1.3.1/src/gtk/fm-path-entry.h
Examining data/libfm-1.3.1/src/gtk/fm-dnd-dest.h
Examining data/libfm-1.3.1/src/gtk/fm-dnd-dest.c
Examining data/libfm-1.3.1/src/gtk/fm-clipboard.h
Examining data/libfm-1.3.1/src/gtk/fm-places-view.h
Examining data/libfm-1.3.1/src/gtk/fm-sortable.h
Examining data/libfm-1.3.1/src/gtk/fm-dir-tree-model.h
Examining data/libfm-1.3.1/src/gtk/fm-dir-tree-model.c
Examining data/libfm-1.3.1/src/gtk/fm-app-chooser-dlg.c
Examining data/libfm-1.3.1/src/gtk/fm-dir-tree-view.h
Examining data/libfm-1.3.1/src/gtk/fm-places-model.c
Examining data/libfm-1.3.1/src/gtk/fm-dnd-src.c
Examining data/libfm-1.3.1/src/gtk/fm-folder-model.c
Examining data/libfm-1.3.1/src/gtk/fm-file-search-ui.c
Examining data/libfm-1.3.1/src/gtk/fm-dnd-auto-scroll.c
Examining data/libfm-1.3.1/src/gtk/fm-icon-pixbuf.c
Examining data/libfm-1.3.1/src/gtk/fm-gtk-utils.h
Examining data/libfm-1.3.1/src/gtk/fm-standard-view.h
Examining data/libfm-1.3.1/src/gtk/fm-app-menu-view.c
Examining data/libfm-1.3.1/src/gtk/fm-gtk-file-launcher.h
Examining data/libfm-1.3.1/src/gtk/fm-gtk-marshal.h
Examining data/libfm-1.3.1/src/gtk/fm-folder-view.c
Examining data/libfm-1.3.1/src/gtk/fm-folder-view.h
Examining data/libfm-1.3.1/src/gtk/fm-file-menu.c
Examining data/libfm-1.3.1/src/gtk/fm-places-model.h
Examining data/libfm-1.3.1/src/gtk/fm-standard-view.c
Examining data/libfm-1.3.1/src/gtk/fm-file-properties.h
Examining data/libfm-1.3.1/src/gtk/fm-app-chooser-combo-box.c
Examining data/libfm-1.3.1/src/gtk/fm-menu-tool-item.c
Examining data/libfm-1.3.1/src/gtk/fm-side-pane.c
Examining data/libfm-1.3.1/src/tools/lxshortcut.c
Examining data/libfm-1.3.1/src/tools/libfm-pref-apps.c
Examining data/libfm-1.3.1/src/fm-seal.h
Examining data/libfm-1.3.1/src/modules/vfs-menu.c
Examining data/libfm-1.3.1/src/modules/gtk-menu-trash.c
Examining data/libfm-1.3.1/src/modules/gtk-fileprop-x-desktop.c
Examining data/libfm-1.3.1/src/modules/gtk-fileprop-x-shortcut.c
Examining data/libfm-1.3.1/src/modules/gtk-menu-actions.c
Examining data/libfm-1.3.1/src/modules/vfs-search.c
Examining data/libfm-1.3.1/src/udisks/g-udisks-device.h
Examining data/libfm-1.3.1/src/udisks/dbus-utils.c
Examining data/libfm-1.3.1/src/udisks/g-udisks-volume-monitor.c
Examining data/libfm-1.3.1/src/udisks/g-udisks-drive.c
Examining data/libfm-1.3.1/src/udisks/g-udisks-volume.h
Examining data/libfm-1.3.1/src/udisks/dbus-utils.h
Examining data/libfm-1.3.1/src/udisks/udisks-device.h
Examining data/libfm-1.3.1/src/udisks/udisks.h
Examining data/libfm-1.3.1/src/udisks/fm-udisks.h
Examining data/libfm-1.3.1/src/udisks/fm-udisks.c
Examining data/libfm-1.3.1/src/udisks/g-udisks-mount.h
Examining data/libfm-1.3.1/src/udisks/g-udisks-device.c
Examining data/libfm-1.3.1/src/udisks/g-udisks-volume-monitor.h
Examining data/libfm-1.3.1/src/udisks/g-udisks-volume.c
Examining data/libfm-1.3.1/src/udisks/g-udisks-mount.c
Examining data/libfm-1.3.1/src/udisks/g-udisks-drive.h
Examining data/libfm-1.3.1/src/fm-version.h
Examining data/libfm-1.3.1/src/glib-compat.h
Examining data/libfm-1.3.1/src/tests/test-fm-path.c
Examining data/libfm-1.3.1/src/tests/libfm-file-search-cli-demo.c
Examining data/libfm-1.3.1/src/glib-compat.c
Examining data/libfm-1.3.1/src/fm-gtk.c
Examining data/libfm-1.3.1/src/gio/fm-app-lookup.c
Examining data/libfm-1.3.1/src/gio/fm-app-lookup.h
Examining data/libfm-1.3.1/src/gio/module.c
Examining data/libfm-1.3.1/src/actions/profile.c
Examining data/libfm-1.3.1/src/actions/utils.c
Examining data/libfm-1.3.1/src/actions/action.c
Examining data/libfm-1.3.1/src/actions/fm-actions.h
Examining data/libfm-1.3.1/src/actions/condition.c
Examining data/libfm-1.3.1/src/actions/parameters.c
Examining data/libfm-1.3.1/src/demo/main-win.c
Examining data/libfm-1.3.1/src/demo/libfm-demo.c
Examining data/libfm-1.3.1/src/demo/main-win-ui.c
Examining data/libfm-1.3.1/src/demo/main-win.h
Examining
data/libfm-1.3.1/src/gtk-compat.c

FINAL RESULTS:

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:885:9:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod() instead.
  chmod( tmpfile, 0600 ); /* only the owner can read it. */
  Triage note: the file at this point was created with g_mkstemp() (line 880), which returns an open descriptor; fchmod(fd, 0600) on that descriptor removes the path-based race. g_mkstemp() already creates the file with mode 0600, so the chmod() is redundant as well as racy.

data/libfm-1.3.1/src/actions/condition.c:262:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  sscanf (_tmp39_, s, &tmp, &self->selection_count);

data/libfm-1.3.1/src/actions/condition.c:477:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). Try using a library call that implements the same functionality if available.
  _tmp5_ = system (_tmp4_);

data/libfm-1.3.1/src/base/fm-archiver.c:108:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(_cmd + len, dir_str);

data/libfm-1.3.1/src/base/fm-archiver.c:109:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(_cmd, dir_place_holder + 2);

data/libfm-1.3.1/src/base/fm-utils.c:164:13:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(buf, buf_size,

data/libfm-1.3.1/src/base/fm-utils.c:549:19:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  homedir = g_get_home_dir();

data/libfm-1.3.1/src/gtk/fm-dir-tree-model.c:274:20:  [3] (random) g_random_int:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  model->stamp = g_random_int();

data/libfm-1.3.1/src/gtk/fm-folder-model.c:220:20:  [3] (random) g_random_int:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  model->stamp = g_random_int();
  Triage note: model->stamp is the GtkTreeModel iterator stamp, a consistency check that detects stale iterators; it is not key or nonce material, so CWE-327 applies only if the value is relied on for security.

data/libfm-1.3.1/src/base/fm-bookmarks.c:164:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];

data/libfm-1.3.1/src/base/fm-bookmarks.c:169:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(fpath, "r");

data/libfm-1.3.1/src/base/fm-config.c:475:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(name, "w");

data/libfm-1.3.1/src/base/fm-file-info.c:1163:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ 64 ];

data/libfm-1.3.1/src/base/fm-file-info.c:1372:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = open(path, O_RDONLY);

data/libfm-1.3.1/src/base/fm-file-info.c:1376:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2];

data/libfm-1.3.1/src/base/fm-file-info.c:1621:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ 128 ];

data/libfm-1.3.1/src/base/fm-file-info.c:1813:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unamebuf[1024];

data/libfm-1.3.1/src/base/fm-file-info.c:1844:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unamebuf[1024];

data/libfm-1.3.1/src/base/fm-mime-type.c:173:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(file_path, O_RDONLY);

data/libfm-1.3.1/src/base/fm-mime-type.c:197:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[4096];

data/libfm-1.3.1/src/base/fm-path.c:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[1]; /* basename: in local encoding if native, uri-escaped otherwise */

data/libfm-1.3.1/src/base/fm-path.c:103:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(path->name, name, name_len);

data/libfm-1.3.1/src/base/fm-path.c:241:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, uri, scheme_len); /* the scheme */

data/libfm-1.3.1/src/base/fm-path.c:243:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, "://", 3); /* :// */

data/libfm-1.3.1/src/base/fm-path.c:247:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, host, host_len);

data/libfm-1.3.1/src/base/fm-path.c:328:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(path->name, basename, name_len);

data/libfm-1.3.1/src/base/fm-path.c:338:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(path->name, escaped, name_len);

data/libfm-1.3.1/src/base/fm-path.c:930:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( pbuf, path->name, name_len );

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:346:12:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atol(thumb_mtime) != mtime)

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:477:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( normal_basename, md5, 32 );

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:482:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( large_basename, md5, 32 );

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:880:20:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  fd = g_mkstemp(tmpfile); /* save to a temp file first */

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:883:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mtime_str[100];

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:885:16:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  chmod( tmpfile, 0600 ); /* only the owner can read it. */

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:888:34:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  backend.write_image(pix, tmpfile);

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:890:18:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_rename(tmpfile, path);

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:891:16:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_free(tmpfile);
  Triage note: the five (tmpfile) hits at lines 880-891 match the variable named tmpfile, not a call to tmpfile(); the file is created by g_mkstemp(), which is the recommended replacement. The real issue in this block is the path-based chmod() at line 885, reported above as [5].

data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:924:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[4096];

data/libfm-1.3.1/src/base/fm-utils.c:216:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *val = atoi(str);

data/libfm-1.3.1/src/base/fm-utils.c:283:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ret, cwd, cwd_len);

data/libfm-1.3.1/src/base/fm-utils.c:306:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ret, cwd, cwd_len);

data/libfm-1.3.1/src/base/fm-utils.c:317:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ret, cwd, cwd_len);

data/libfm-1.3.1/src/demo/main-win.c:910:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char total_str[ 64 ];

data/libfm-1.3.1/src/demo/main-win.c:911:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char free_str[ 64 ];

data/libfm-1.3.1/src/demo/main-win.c:912:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/libfm-1.3.1/src/gtk/fm-file-properties.c:483:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char size_str[128];

data/libfm-1.3.1/src/gtk/fm-file-properties.c:581:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  data->uid = atoi(tmp);

data/libfm-1.3.1/src/gtk/fm-file-properties.c:611:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  data->gid = atoi(tmp);
  Triage note: for uid/gid fields the range problem is secondary to a quieter one: atoi() returns 0 for non-numeric input, and 0 is root. A strtol()-based parse that rejects non-digits and trailing text is the fix for both.

data/libfm-1.3.1/src/gtk/fm-file-properties.c:1254:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/libfm-1.3.1/src/gtk/fm-folder-model.c:709:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[12];

data/libfm-1.3.1/src/gtk/fm-folder-model.c:773:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "---------");

data/libfm-1.3.1/src/gtk/fm-folder-view.c:851:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n = atoi(&name[7]);

data/libfm-1.3.1/src/gtk/fm-folder-view.c:1245:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char act_name[16];

data/libfm-1.3.1/src/gtk/fm-gtk-file-launcher.c:150:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gtk_widget_destroy(open);
  Triage note: false positive. The rule matched the identifier open, which here is a GtkWidget being destroyed; no open(2) call is involved.

data/libfm-1.3.1/src/gtk/fm-gtk-file-launcher.c:1039:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[12];

data/libfm-1.3.1/src/gtk/fm-progress-dlg.c:439:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char trans_size_str[128];

data/libfm-1.3.1/src/gtk/fm-progress-dlg.c:440:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char total_size_str[128];

data/libfm-1.3.1/src/gtk/fm-progress-dlg.c:475:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char time_str[32];

data/libfm-1.3.1/src/gtk/fm-thumbnail.c:157:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *keys[11]; /* enough for known keys + 1 */

data/libfm-1.3.1/src/gtk/fm-thumbnail.c:158:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vals[11];

data/libfm-1.3.1/src/udisks/g-udisks-volume.c:303:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data->vol->dev->mount_paths, data->vol->dev->mount_paths + sizeof(char*), len * sizeof(char*));

data/libfm-1.3.1/src/actions/action.c:872:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp0_ = strlen (self);

data/libfm-1.3.1/src/actions/action.c:969:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp6_ = strlen (_tmp5_);

data/libfm-1.3.1/src/actions/condition.c:596:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp0_ = strlen (self);

data/libfm-1.3.1/src/actions/parameters.c:97:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp0_ = strlen (self);

data/libfm-1.3.1/src/actions/parameters.c:170:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp3_ = strlen (_tmp2_);

data/libfm-1.3.1/src/actions/parameters.c:1017:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _tmp3_ = strlen (_tmp2_);

data/libfm-1.3.1/src/base/fm-action.c:373:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(scheme) - 1; /* it's at last '/' now */

data/libfm-1.3.1/src/base/fm-action.c:415:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(scheme) - 1; /* it's at last '/' now */

data/libfm-1.3.1/src/base/fm-action.c:445:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(scheme) - 1; /* it's at last '/' now */

data/libfm-1.3.1/src/base/fm-action.c:1212:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c = x[0] + strlen(x[0]);

data/libfm-1.3.1/src/base/fm-action.c:1868:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(tst);

data/libfm-1.3.1/src/base/fm-archiver.c:104:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(cmd) - 2 + strlen(dir_str) + 1;

data/libfm-1.3.1/src/base/fm-archiver.c:104:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(cmd) - 2 + strlen(dir_str) + 1;

data/libfm-1.3.1/src/base/fm-archiver.c:107:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(_cmd, cmd, len);

data/libfm-1.3.1/src/base/fm-file-info.c:147:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int home_dir_len = strlen(user_home);

data/libfm-1.3.1/src/base/fm-file-info.c:1377:33:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ssize_t rdlen = read(fd, &buf, 2);

data/libfm-1.3.1/src/base/fm-mime-type.c:198:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read(fd, buf, MIN(pstat->st_size, 4096));

data/libfm-1.3.1/src/base/fm-module.c:349:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  delimiter = mask + strlen(mask);

data/libfm-1.3.1/src/base/fm-module.c:353:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  delimiter = mask + strlen(mask);

data/libfm-1.3.1/src/base/fm-path.c:336:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name_len = strlen(escaped);

data/libfm-1.3.1/src/base/fm-path.c:410:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int baselen = strlen(basename);

data/libfm-1.3.1/src/base/fm-path.c:487:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path = _fm_path_new_child_len(parent, rel, strlen(rel), TRUE, FALSE);

data/libfm-1.3.1/src/base/fm-path.c:544:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  root = _fm_path_new_uri_root(uri, strlen(uri), &rel_path);

data/libfm-1.3.1/src/base/fm-path.c:556:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path = _fm_path_new_child_len(root, rel_path+1, strlen(rel_path)-1,

data/libfm-1.3.1/src/base/fm-path.c:655:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  path = _fm_path_new_uri_root(c, strlen(c), NULL);

data/libfm-1.3.1/src/base/fm-path.c:916:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gint name_len = strlen(path->name);

data/libfm-1.3.1/src/base/fm-path.c:1259:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  home_len = strlen(home_dir);

data/libfm-1.3.1/src/base/fm-path.c:1277:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  home_path = _fm_path_new_internal(parent, name, strlen(name), FM_PATH_IS_LOCAL|FM_PATH_IS_NATIVE);

data/libfm-1.3.1/src/base/fm-path.c:1281:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  desktop_len = strlen(desktop_dir);

data/libfm-1.3.1/src/base/fm-path.c:1311:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  desktop_path = _fm_path_new_internal(parent, name, strlen(name), FM_PATH_IS_LOCAL|FM_PATH_IS_NATIVE);

data/libfm-1.3.1/src/base/fm-path.c:1438:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen( str );

data/libfm-1.3.1/src/base/fm-path.c:1445:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((size_t)n < (strlen(path->name) + 1)) data/libfm-1.3.1/src/base/fm-path.c:1449:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). last_part = str + n - strlen(path->name) - 1; data/libfm-1.3.1/src/base/fm-path.c:1450:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strncmp( last_part + 1, path->name, strlen(path->name)) != 0 ) data/libfm-1.3.1/src/base/fm-path.c:1456:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return fm_path_equal_str( path->parent, str, n - strlen(path->name) - 1 ); data/libfm-1.3.1/src/base/fm-thumbnail-loader.c:873:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strncmp(path,thumb_dir,strlen(thumb_dir)) == 0) data/libfm-1.3.1/src/base/fm-utils.c:261:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(filename); data/libfm-1.3.1/src/base/fm-utils.c:281:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cwd_len = strlen(cwd); data/libfm-1.3.1/src/base/fm-utils.c:304:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
cwd_len = strlen(cwd); data/libfm-1.3.1/src/base/fm-utils.c:315:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int cwd_len = strlen(cwd); data/libfm-1.3.1/src/base/fm-utils.c:364:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(str); data/libfm-1.3.1/src/base/fm-utils.c:367:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int old_str_len = strlen(old_str); data/libfm-1.3.1/src/extra/fm-xml-file.c:328:23: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (to, buf, 8); data/libfm-1.3.1/src/extra/fm-xml-file.c:329:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). to += strlen (buf) - 1; data/libfm-1.3.1/src/extra/fm-xml-file.c:1456:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *text_size = strlen(item->text); data/libfm-1.3.1/src/gtk/exo/exo-icon-view.c:8725:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (text); data/libfm-1.3.1/src/gtk/exo/exo-icon-view.c:8806:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
length = strlen (text); data/libfm-1.3.1/src/gtk/exo/exo-icon-view.c:8985:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp (case_normalized_key, case_normalized_string, strlen (case_normalized_key)) == 0) data/libfm-1.3.1/src/gtk/exo/exo-string.c:59:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = g_malloc (strlen (text) + 1); data/libfm-1.3.1/src/gtk/fm-dnd-dest.c:868:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(uri) + 1); data/libfm-1.3.1/src/gtk/fm-file-properties.c:1195:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(text) > 16) data/libfm-1.3.1/src/gtk/fm-file-properties.c:1209:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(text) > 16) data/libfm-1.3.1/src/gtk/fm-file-properties.c:1264:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(text) > 16) data/libfm-1.3.1/src/gtk/fm-file-properties.c:1303:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(parent_str) > 16) data/libfm-1.3.1/src/gtk/fm-path-entry.c:590:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). priv->typed_basename_len = strlen(sep + 1); data/libfm-1.3.1/src/gtk/fm-path-entry.c:747:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). model_file_name_len = strlen(model_file_name); data/libfm-1.3.1/src/gtk/fm-path-entry.c:754:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(trail, model_file_name, priv->typed_basename_len); data/libfm-1.3.1/src/job/fm-dir-list-job.c:264:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int dir_len = strlen(path_str); data/libfm-1.3.1/src/job/fm-file-ops-job.c:806:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(dname), &out_len, data/libfm-1.3.1/src/modules/vfs-menu.c:1275:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). prefix_len = strlen (prefix); data/libfm-1.3.1/src/modules/vfs-menu.c:3127:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for(end = item->path + strlen(item->path); end > item->path; end--) data/libfm-1.3.1/src/modules/vfs-search.c:372:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(str); data/libfm-1.3.1/src/modules/vfs-search.c:527:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(mime_type); data/libfm-1.3.1/src/modules/vfs-search.c:711:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int pattern_len = strlen(priv->content_pattern); ANALYSIS SUMMARY: Hits = 125 Lines analyzed = 87386 in approximately 2.22 seconds (39432 lines/second) Physical Source Lines of Code (SLOC) = 60171 Hits@level = [0] 7 [1] 64 [2] 52 [3] 3 [4] 5 [5] 1 Hits@level+ = [0+] 132 [1+] 125 [2+] 61 [3+] 9 [4+] 6 [5+] 1 Hits/KSLOC@level+ = [0+] 2.19375 [1+] 2.07741 [2+] 1.01378 [3+] 0.149574 [4+] 0.0997158 [5+] 0.0166193 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.