Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libticonv-1.1.5/src/charset.c
Examining data/libticonv-1.1.5/src/charset.h
Examining data/libticonv-1.1.5/src/export4.h
Examining data/libticonv-1.1.5/src/filename.c
Examining data/libticonv-1.1.5/src/iconv.c
Examining data/libticonv-1.1.5/src/stdints4.h
Examining data/libticonv-1.1.5/src/ticonv.c
Examining data/libticonv-1.1.5/src/ticonv.h
Examining data/libticonv-1.1.5/src/tokens.c
Examining data/libticonv-1.1.5/src/type2str.c
Examining data/libticonv-1.1.5/tests/test_ticonv.c
Examining data/libticonv-1.1.5/tests/torture_ticonv.c

FINAL RESULTS:

data/libticonv-1.1.5/src/charset.c:172:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(ti, tmp);
data/libticonv-1.1.5/src/ticonv.c:201:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
				strcpy(ti, tmp);
data/libticonv-1.1.5/src/ticonv.c:469:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(dst, tmp);
data/libticonv-1.1.5/src/ticonv.c:583:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(dst, tmp);
data/libticonv-1.1.5/src/ticonv.c:692:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(dst, tmp);
data/libticonv-1.1.5/src/ticonv.c:832:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(dst, tmp);
data/libticonv-1.1.5/src/charset.c:84:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(utf16, tmp, 2 * ticonv_utf16_strlen(tmp));
data/libticonv-1.1.5/src/filename.c:121:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(q, str2, (iw+1) * sizeof(unsigned short));
data/libticonv-1.1.5/src/filename.c:179:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(q, str2, (iw+1) * sizeof(gunichar2));
data/libticonv-1.1.5/src/filename.c:304:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(q, str, strlen(str) + 1);
data/libticonv-1.1.5/src/iconv.c:96:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(temp+tempsize,temp2,temp2size);
data/libticonv-1.1.5/src/iconv.c:156:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char out[3];
data/libticonv-1.1.5/src/ticonv.c:303:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(utf16, tmp, 2*ticonv_utf16_strlen(tmp));
data/libticonv-1.1.5/tests/test_ticonv.c:116:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char ti82_varname[9] = { 0 };
data/libticonv-1.1.5/tests/test_ticonv.c:117:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char ti92_varname[9] = { 0 };
data/libticonv-1.1.5/tests/test_ticonv.c:118:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char ti84p_varname[36] = { 0 };
data/libticonv-1.1.5/tests/torture_ticonv.c:34:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ti[256];
data/libticonv-1.1.5/src/filename.c:268:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	q = dst = g_malloc0(18*strlen(src)+1);
data/libticonv-1.1.5/src/filename.c:304:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			memcpy(q, str, strlen(str) + 1);
data/libticonv-1.1.5/src/filename.c:306:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			q += strlen(str);
data/libticonv-1.1.5/src/iconv.c:88:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(input,*inbuf,*inbytesleft);
data/libticonv-1.1.5/src/iconv.c:222:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        l1=strlen(tmp1);
data/libticonv-1.1.5/src/iconv.c:225:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        l2=strlen(tmp2);
data/libticonv-1.1.5/src/ticonv.c:332:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		unsigned short * utf16 = g_malloc0(4 * strlen(ti) + 2);	// upper bound
data/libticonv-1.1.5/src/ticonv.c:430:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy(dst, tmp, maxlen - 1);
data/libticonv-1.1.5/src/ticonv.c:541:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy(dst, tmp, maxlen - 1);
data/libticonv-1.1.5/src/ticonv.c:653:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy(dst, tmp, maxlen - 1);
data/libticonv-1.1.5/src/ticonv.c:793:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy(dst, tmp, maxlen - 1);
data/libticonv-1.1.5/src/tokens.c:477:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(dst, src, 8);
data/libticonv-1.1.5/src/tokens.c:647:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(str+1, src_, 7);
data/libticonv-1.1.5/src/tokens.c:653:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (src[0] == '[' && src[2] == ']' && strlen(src_) == 3)
data/libticonv-1.1.5/src/tokens.c:658:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 'L' && (src[1] >= 128 && src[1] <= 137) && strlen(src_) == 2)
data/libticonv-1.1.5/src/tokens.c:663:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 'Y' && (src[1] >= 128 && src[1] <= 137) && strlen(src_) == 2)
data/libticonv-1.1.5/src/tokens.c:668:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 'X' && (src[1] >= 128 && src[1] <= 133) && strlen(src_) == 3)
data/libticonv-1.1.5/src/tokens.c:673:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 'Y' && (src[1] >= 128 && src[1] <= 133) && strlen(src_) == 3)
data/libticonv-1.1.5/src/tokens.c:678:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 'r' && (src[1] >= 128 && src[1] <= 133) && strlen(src_) == 2)
data/libticonv-1.1.5/src/tokens.c:683:86:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (model == CALC_TI73 && src[0] == 'C' && (src[1] >= 128 && src[1] <= 131) && strlen(src_) == 2)
data/libticonv-1.1.5/src/tokens.c:688:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 2 && strlen(src_) == 1)
data/libticonv-1.1.5/src/tokens.c:692:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 3 && strlen(src_) == 1)
data/libticonv-1.1.5/src/tokens.c:696:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 4 && strlen(src_) == 1)
data/libticonv-1.1.5/src/tokens.c:700:96:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 'P' && src[1] == 'i' && src[2] == 'c' && src[3] >= '0' && src[3] <= '9' && strlen(src_) == 4)
data/libticonv-1.1.5/src/tokens.c:705:96:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 'G' && src[1] == 'D' && src[2] == 'B' && src[3] >= '0' && src[3] <= '9' && strlen(src_) == 4)
data/libticonv-1.1.5/src/tokens.c:710:96:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (src[0] == 'S' && src[1] == 't' && src[2] == 'r' && src[3] >= '0' && src[3] <= '9' && strlen(src_) == 4)
data/libticonv-1.1.5/tests/test_ticonv.c:138:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		printf("UTF-8 varname: <%s> (%i)\n", ti82_varname, (int)strlen(ti82_varname));
data/libticonv-1.1.5/tests/test_ticonv.c:142:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		printf("UTF-8 varname: <%s> (%i)\n", ti92_varname, (int)strlen(ti92_varname));
data/libticonv-1.1.5/tests/test_ticonv.c:146:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		printf("UTF-8 varname: <%s> (%i)\n", ti84p_varname, (int)strlen(ti84p_varname));
data/libticonv-1.1.5/tests/test_ticonv.c:151:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		printf("raw varname: <%s> (%i)\n", ti92_varname, (int)strlen(ti92_varname));
data/libticonv-1.1.5/tests/test_ticonv.c:156:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		printf("raw varname: <%s> (%i)\n", ti82_varname, (int)strlen(ti82_varname));
data/libticonv-1.1.5/tests/test_ticonv.c:161:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		printf("raw varname: <%s> (%i)\n", ti84p_varname, (int)strlen(ti84p_varname));
data/libticonv-1.1.5/tests/test_ticonv.c:167:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		printf("raw varname: <%s> (%i)\n", ti84p_varname, (int)strlen(ti84p_varname));

ANALYSIS SUMMARY:

Hits = 50
Lines analyzed = 4510 in approximately 0.14 seconds (33075 lines/second)
Physical Source Lines of Code (SLOC) = 3033
Hits@level = [0]  21 [1]  33 [2]  11 [3]   0 [4]   6 [5]   0
Hits@level+ = [0+]  71 [1+]  50 [2+]  17 [3+]   6 [4+]   6 [5+]   0
Hits/KSLOC@level+ = [0+] 23.4092 [1+] 16.4853 [2+] 5.60501 [3+] 1.97824 [4+] 1.97824 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.