Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/librime-1.5.3+git20200621+dfsg1/plugins/plugin.cc
Examining data/librime-1.5.3+git20200621+dfsg1/sample/src/sample_module.cc
Examining data/librime-1.5.3+git20200621+dfsg1/sample/src/trivial_translator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/sample/src/trivial_translator.h
Examining data/librime-1.5.3+git20200621+dfsg1/sample/test/sample_test_main.cc
Examining data/librime-1.5.3+git20200621+dfsg1/sample/test/trivial_translator_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/sample/tools/sample_console.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/algebra.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/algebra.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/calculus.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/calculus.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/dynamics.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/encoder.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/encoder.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/spelling.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/syllabifier.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/syllabifier.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/utilities.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/utilities.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/candidate.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/candidate.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/commit_history.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/commit_history.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/common.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/component.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/composition.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/composition.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/auto_patch_config_plugin.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/build_info_plugin.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_compiler.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_compiler.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_compiler_impl.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_component.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_component.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_cow_ref.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_data.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_data.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_types.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/config_types.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/default_config_plugin.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/legacy_dictionary_config_plugin.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/legacy_preset_config_plugin.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/plugins.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/config/save_output_plugin.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/context.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/context.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/core_module.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/deployer.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/deployer.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/corrector.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/corrector.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/db.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/db.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/db_utils.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/db_utils.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/dict_compiler.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/dict_compiler.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/dict_module.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/dict_settings.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/dict_settings.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/dictionary.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/dictionary.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/entry_collector.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/entry_collector.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/level_db.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/level_db.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/mapped_file.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/mapped_file.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/preset_vocabulary.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/preset_vocabulary.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/prism.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/prism.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/reverse_lookup_dictionary.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/reverse_lookup_dictionary.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/string_table.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/string_table.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/table.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/table.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/table_db.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/table_db.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/text_db.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/text_db.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/tsv.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/tsv.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/user_db.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/user_db.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/user_db_recovery_task.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/user_db_recovery_task.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/user_dictionary.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/user_dictionary.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/vocabulary.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/vocabulary.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/engine.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/engine.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/filter.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/formatter.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/abc_segmentor.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/abc_segmentor.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/affix_segmentor.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/affix_segmentor.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/ascii_composer.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/ascii_composer.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/ascii_segmentor.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/ascii_segmentor.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/charset_filter.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/charset_filter.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/chord_composer.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/chord_composer.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/contextual_translation.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/contextual_translation.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/echo_translator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/echo_translator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/editor.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/editor.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/fallback_segmentor.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/fallback_segmentor.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/filter_commons.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/filter_commons.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/gears_module.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/grammar.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/history_translator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/history_translator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/key_binder.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/key_binder.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/key_binding_processor.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/key_binding_processor_impl.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/matcher.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/matcher.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/memory.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/memory.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/navigator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/navigator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/poet.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/poet.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/punctuator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/punctuator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/recognizer.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/recognizer.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/reverse_lookup_filter.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/reverse_lookup_filter.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/reverse_lookup_translator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/reverse_lookup_translator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/schema_list_translator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/schema_list_translator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/script_translator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/script_translator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/selector.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/selector.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/shape.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/shape.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/simplifier.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/simplifier.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/single_char_filter.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/single_char_filter.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/speller.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/speller.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/switch_translator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/switch_translator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/table_translator.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/table_translator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/translator_commons.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/translator_commons.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/uniquifier.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/uniquifier.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/unity_table_encoder.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/unity_table_encoder.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/key_event.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/key_event.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/key_table.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/key_table.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/language.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/language.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/custom_settings.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/custom_settings.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/customizer.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/customizer.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/levers_module.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/switcher_settings.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/switcher_settings.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/user_dict_manager.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/user_dict_manager.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/menu.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/menu.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/messenger.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/module.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/module.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/no_logging.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/processor.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/registry.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/registry.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/resource.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/resource.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/schema.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/schema.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/segmentation.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/segmentation.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/segmentor.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/service.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/service.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/setup.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/setup.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/signature.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/signature.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/switcher.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/switcher.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/ticket.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/ticket.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/translation.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/translation.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime/translator.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime_api.h
Examining data/librime-1.5.3+git20200621+dfsg1/src/rime_levers_api.h
Examining data/librime-1.5.3+git20200621+dfsg1/test/algebra_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/calculus_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/component_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/config_compiler_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/config_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/corrector_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/dictionary_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/encoder_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/key_event_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/key_table_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/menu_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/prism_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/resource_resolver_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/rime_test_main.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/segmentor_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/syllabifier_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/table_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/test/user_db_test.cc
Examining data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/X11/keysym.h
Examining data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/X11/keysymdef.h
Examining data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/darts.h
Examining data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/msvc/stdint.h
Examining data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/utf8.h
Examining data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/utf8/checked.h
Examining data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/utf8/core.h
Examining data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/utf8/unchecked.h
Examining data/librime-1.5.3+git20200621+dfsg1/tools/rime_api_console.cc
Examining data/librime-1.5.3+git20200621+dfsg1/tools/rime_console.cc
Examining data/librime-1.5.3+git20200621+dfsg1/tools/rime_deployer.cc
Examining data/librime-1.5.3+git20200621+dfsg1/tools/rime_dict_manager.cc
Examining data/librime-1.5.3+git20200621+dfsg1/tools/rime_patch.cc

FINAL RESULTS:

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/user_db_recovery_task.cc:45:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  boost::system::error_code ec;

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.cc:85:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  boost::system::error_code ec;

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.cc:262:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  boost::system::error_code ec;

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.cc:311:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  boost::system::error_code ec;

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.cc:487:16:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  boost::system::error_code ec;

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.cc:573:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  boost::system::error_code ec;

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.cc:612:14:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  boost::system::error_code ec;

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/user_dict_manager.cc:174:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  boost::system::error_code ec;

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/user_dict_manager.cc:193:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  boost::system::error_code ec;

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:231:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  std::strcpy(dest->text, src->text().c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:235:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  std::strcpy(dest->comment, comment.c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:257:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  std::strcpy(context->composition.preedit, preedit.text.c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:265:14:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  std::strcpy(context->commit_text_preview, commit_text.c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:294:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  std::strcpy(context->menu.select_keys, select_keys.c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:304:18:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  std::strcpy(context->select_labels[i], label.c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:346:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  std::strcpy(commit->text, commit_text.c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:373:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  std::strcpy(status->schema_id, schema->schema_id().c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:375:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  std::strcpy(status->schema_name, schema->schema_name().c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:509:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(x.schema_id, schema_id.c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:512:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(x.name, schema.schema_name().c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/simplifier.cc:130:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  srand((unsigned)time(NULL));

data/librime-1.5.3+git20200621+dfsg1/sample/tools/sample_console.cc:104:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char current[100] = {0};

data/librime-1.5.3+git20200621+dfsg1/sample/tools/sample_console.cc:153:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[kMaxLength + 1] = {0};

data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/calculus.cc:77:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[buffer_len] = "";

data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/utilities.cc:22:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int dx = atoi(xx[i].c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime/algo/utilities.cc:23:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int dy = atoi(yy[i].c_str());

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/mapped_file.cc:95:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fbuf.open(file_name_.c_str(),

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/prism.cc:190:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(array, trie_->array(), image_size);

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/prism.h:36:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char format[kFormatMaxLength];

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/prism.h:45:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char alphabet[256];

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/reverse_lookup_dictionary.h:24:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char format[kFormatMaxLength];

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/table.h:86:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char format[kFormatMaxLength];

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.cc:630:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ymd[12] = {0};

data/librime-1.5.3+git20200621+dfsg1/src/rime/lever/deployment_tasks.cc:640:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[MAX_PATH];

data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/darts.h:242:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  int open(const char *file_name, const char *mode = "rb",

data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/darts.h:327:34:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  int DoubleArrayImpl<A, B, T, C>::open(const char *file_name,

data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/darts.h:335:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  std::FILE *file = std::fopen(file_name, mode);

data/librime-1.5.3+git20200621+dfsg1/thirdparty/include/darts.h:391:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  std::FILE *file = std::fopen(file_name, mode);

data/librime-1.5.3+git20200621+dfsg1/tools/rime_api_console.cc:107:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char current[100] = {0};

data/librime-1.5.3+git20200621+dfsg1/tools/rime_api_console.cc:125:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int index = atoi(line + command_length);

data/librime-1.5.3+git20200621+dfsg1/tools/rime_api_console.cc:195:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[kMaxLength + 1] = {0};

data/librime-1.5.3+git20200621+dfsg1/sample/tools/sample_console.cc:26:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(preedit);

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/mapped_file.cc:190:8:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  std::strncpy(ptr, src.c_str(), size);

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/mapped_file.h:62:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t length() const { return c_str() ? strlen(c_str()) : 0; }

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/prism.cc:232:8:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  std::strncpy(metadata->format, kPrismFormat,

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/reverse_lookup_dictionary.cc:186:8:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  std::strncpy(metadata_->format, kReverseFormat,

data/librime-1.5.3+git20200621+dfsg1/src/rime/dict/table.cc:414:8:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  std::strncpy(metadata_->format, kTableFormatLatest,

data/librime-1.5.3+git20200621+dfsg1/src/rime/gear/unity_table_encoder.cc:94:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key->erase(0, strlen(kEncodedPrefix));

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:486:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(value, str_value.c_str(), buffer_size);

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:542:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(schema_id, schema->schema_id().c_str(), buffer_size);

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:618:10:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  std::strncpy(value, str_value.c_str(), buffer_size);

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.cc:797:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(dir, deployer.user_data_sync_dir().c_str(), buffer_size);

data/librime-1.5.3+git20200621+dfsg1/src/rime_api.h:554:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  #pragma section(".CRT$XCU",read)

data/librime-1.5.3+git20200621+dfsg1/tools/rime_api_console.cc:27:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(preedit);

data/librime-1.5.3+git20200621+dfsg1/tools/rime_api_console.cc:114:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t command_length = strlen(kSelectSchemaCommand);

data/librime-1.5.3+git20200621+dfsg1/tools/rime_api_console.cc:123:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  command_length = strlen(kSelectCandidateCommand);

data/librime-1.5.3+git20200621+dfsg1/tools/rime_api_console.cc:150:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  command_length = strlen(kSetOptionCommand);

ANALYSIS SUMMARY:

Hits = 57
Lines analyzed = 39294 in approximately 0.91 seconds (43059 lines/second)
Physical Source Lines of Code (SLOC) = 32199
Hits@level = [0]  50 [1]  16 [2]  20 [3]   1 [4]  20 [5]   0
Hits@level+ = [0+] 107 [1+]  57 [2+]  41 [3+]  21 [4+]  20 [5+]   0
Hits/KSLOC@level+ = [0+] 3.32308 [1+] 1.77024 [2+] 1.27333 [3+] 0.652194 [4+] 0.621137 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.