Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/qalculate-gtk-3.3.0/src/flags.c
Examining data/qalculate-gtk-3.3.0/src/main.cc
Examining data/qalculate-gtk-3.3.0/src/ui.c
Examining data/qalculate-gtk-3.3.0/src/callbacks.cc
Examining data/qalculate-gtk-3.3.0/src/interface.cc
Examining data/qalculate-gtk-3.3.0/src/interface.h
Examining data/qalculate-gtk-3.3.0/src/support.h
Examining data/qalculate-gtk-3.3.0/src/callbacks.h
Examining data/qalculate-gtk-3.3.0/src/main.h

FINAL RESULTS:

data/qalculate-gtk-3.3.0/src/callbacks.cc:10048:132:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  gtk_entry_set_text(GTK_ENTRY(gtk_bin_get_child(GTK_BIN(gtk_builder_get_object(unitedit_builder, "unit_edit_combo_system")))), u->system().c_str());

data/qalculate-gtk-3.3.0/src/callbacks.cc:588:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char exepath[MAX_PATH];

data/qalculate-gtk-3.3.0/src/callbacks.cc:13761:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(gstr_file, "r");

data/qalculate-gtk-3.3.0/src/callbacks.cc:13765:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(gstr_oldfile, "r");

data/qalculate-gtk-3.3.0/src/callbacks.cc:13783:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[1000000L];

data/qalculate-gtk-3.3.0/src/callbacks.cc:14532:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(gstr2, "w+");

data/qalculate-gtk-3.3.0/src/main.cc:81:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char exepath[MAX_PATH];

data/qalculate-gtk-3.3.0/src/main.cc:312:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(gstr_file, "r");

data/qalculate-gtk-3.3.0/src/main.cc:316:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(gstr_oldfile, "r");

data/qalculate-gtk-3.3.0/src/main.cc:327:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[100];

data/qalculate-gtk-3.3.0/src/main.cc:398:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(gstr_file, "r");

data/qalculate-gtk-3.3.0/src/main.cc:399:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[10000];

data/qalculate-gtk-3.3.0/src/callbacks.cc:651:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t i_equals = resstr.find(_("approx.")) + strlen(_("approx."));

data/qalculate-gtk-3.3.0/src/callbacks.cc:1873:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str_u.erase(0, strlen(SIGN_MINUS));

data/qalculate-gtk-3.3.0/src/callbacks.cc:6857:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&scale_tmp)) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:6859:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&x) || !x) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:6862:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&b_stack)) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:6863:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&x)) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:6865:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&x)) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:6871:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&po.is_approximate)) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:6873:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&x_to)) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:7253:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(b_or == 1 && str.length() > i + strlen("or") + 2 && str.substr(i + 1, strlen(_("or"))) == _("or") && str[i + strlen(_("or")) + 1] == ' ') {

data/qalculate-gtk-3.3.0/src/callbacks.cc:7253:80:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(b_or == 1 && str.length() > i + strlen("or") + 2 && str.substr(i + 1, strlen(_("or"))) == _("or") && str[i + strlen(_("or")) + 1] == ' ') {

data/qalculate-gtk-3.3.0/src/callbacks.cc:7253:119:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(b_or == 1 && str.length() > i + strlen("or") + 2 && str.substr(i + 1, strlen(_("or"))) == _("or") && str[i + strlen(_("or")) + 1] == ' ') {

data/qalculate-gtk-3.3.0/src/callbacks.cc:7254:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = i + strlen(_("or")) + 1;

data/qalculate-gtk-3.3.0/src/callbacks.cc:7964:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&command_type)) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:7966:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&x)) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:8191:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&timeout)) return;

data/qalculate-gtk-3.3.0/src/callbacks.cc:8192:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read(&n)) return;

data/qalculate-gtk-3.3.0/src/callbacks.cc:8464:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  to_str.erase(0, strlen(SIGN_MINUS));

data/qalculate-gtk-3.3.0/src/callbacks.cc:12259:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(i == 1 && namestr && strlen(namestr) > 0) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:12267:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(i == 1 && namestr && strlen(namestr) > 0) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:12271:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if(namestr && strlen(namestr) > 0) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:12280:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if(namestr && strlen(namestr) > 0) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:15329:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar *p = gstr + strlen(gstr);

data/qalculate-gtk-3.3.0/src/callbacks.cc:15408:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(gstr_pre) - strlen(gstr_next) >= i_match) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:15408:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(gstr_pre) - strlen(gstr_next) >= i_match) break;

data/qalculate-gtk-3.3.0/src/callbacks.cc:15431:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(gstr2) <= ename->name.length()) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:15432:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(size_t i = 0; i < strlen(gstr2); i++) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:15449:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(gstr2) <= ename->name.length()) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:15450:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(size_t i = 0; i < strlen(gstr2); i++) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:15476:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!pname->empty() && strlen(gstr2) <= pname->length()) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:15478:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(size_t i = 0; i < strlen(gstr2); i++) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:15510:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(gstr) > 0 && gstr[0] == '(') {

data/qalculate-gtk-3.3.0/src/callbacks.cc:17148:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(gstr && strlen(gstr) > 0) {

data/qalculate-gtk-3.3.0/src/callbacks.cc:17893:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(gstr) > 0 && gstr[strlen(gstr) - 1] != ' ') to_str.insert(0, " ");

data/qalculate-gtk-3.3.0/src/callbacks.cc:17893:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(gstr) > 0 && gstr[strlen(gstr) - 1] != ' ') to_str.insert(0, " ");

data/qalculate-gtk-3.3.0/src/callbacks.cc:20979:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(initial_expression) > 0 && strcmp(initial_expression, "0") != 0) gtk_entry_set_text(GTK_ENTRY(gtk_builder_get_object(percentage_builder, "percentage_entry_1")), initial_expression);

data/qalculate-gtk-3.3.0/src/callbacks.cc:24661:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(gstr) > 0) {\

data/qalculate-gtk-3.3.0/src/callbacks.cc:24703:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(gtk_entry_get_text(GTK_ENTRY(gtk_builder_get_object(namesedit_builder, "names_edit_entry_name")))) == 0) {

data/qalculate-gtk-3.3.0/src/flags.c:19407:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  __pragma(section(".CRT$XCU",read)) \

data/qalculate-gtk-3.3.0/src/flags.c:19415:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  __pragma(section(".CRT$XCU",read)) \

data/qalculate-gtk-3.3.0/src/flags.c:19427:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  section(".CRT$XCU",read)

data/qalculate-gtk-3.3.0/src/flags.c:19434:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  section(".CRT$XCU",read)

data/qalculate-gtk-3.3.0/src/main.cc:366:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(remaining[i]) >= 2 && ((remaining[i][0] == '\"' && remaining[i][strlen(remaining[i]) - 1] == '\"') || (remaining[i][0] == '\'' && remaining[i][strlen(remaining[i]) - 1] == '\''))) {

data/qalculate-gtk-3.3.0/src/main.cc:366:77:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(remaining[i]) >= 2 && ((remaining[i][0] == '\"' && remaining[i][strlen(remaining[i]) - 1] == '\"') || (remaining[i][0] == '\'' && remaining[i][strlen(remaining[i]) - 1] == '\''))) {

data/qalculate-gtk-3.3.0/src/main.cc:366:156:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(remaining[i]) >= 2 && ((remaining[i][0] == '\"' && remaining[i][strlen(remaining[i]) - 1] == '\"') || (remaining[i][0] == '\'' && remaining[i][strlen(remaining[i]) - 1] == '\''))) {

data/qalculate-gtk-3.3.0/src/ui.c:92431:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  __pragma(section(".CRT$XCU",read)) \

data/qalculate-gtk-3.3.0/src/ui.c:92439:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  __pragma(section(".CRT$XCU",read)) \

data/qalculate-gtk-3.3.0/src/ui.c:92451:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  section(".CRT$XCU",read)

data/qalculate-gtk-3.3.0/src/ui.c:92458:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  section(".CRT$XCU",read)

ANALYSIS SUMMARY:

Hits = 61
Lines analyzed = 141961 in approximately 10.52 seconds (13498 lines/second)
Physical Source Lines of Code (SLOC) = 139577
Hits@level = [0] 205 [1] 49 [2] 11 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 266 [1+] 61 [2+] 12 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 1.90576 [1+] 0.437035 [2+] 0.0859741 [3+] 0.0071645 [4+] 0.0071645 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
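The closing caveat ("Not every hit is necessarily a security vulnerability") is worth taking literally for this report. Flawfinder matches on identifiers, not on resolved symbols, so the single [4] hit fires on the token `system`, and the only `system` outside a string literal on that line is the C++ member call `u->system()`, not libc `system(3)`. Likewise the eight `read` hits in flags.c and ui.c sit on the MSVC `__pragma(section(".CRT$XCU",read))` attribute, where `read` is a section flag and not a call at all. The triage script below is an added example, not part of flawfinder or of qalculate-gtk: it parses the text layout seen above (a location line, indented message lines, then the indented source line that `--context` prints), blanks string literals so that `"unit_edit_combo_system"` cannot count as a call, and separates member calls and non-calls from hits that still need a human. `SAMPLE` is an excerpt of this report; the classification rules and the `DECL_RULES` set (flawfinder rules assumed to fire on declarations rather than calls) are this example's own assumptions.

```python
"""Triage a flawfinder text report (added example; not flawfinder's or
qalculate-gtk's own code).  Assumes the --context layout: a location line,
then indented message lines, then the indented source line.  SAMPLE is an
excerpt of the qalculate-gtk report; the triage rules are ours."""
import re
from collections import Counter
from dataclasses import dataclass

# Location line:  path:line:col:  [level] (category) name:
HIT_RE = re.compile(r"^(?P<path>\S+?):(?P<line>\d+):(?P<col>\d+):\s+"
                    r"\[(?P<level>\d)\]\s+\((?P<category>\w+)\)\s+(?P<name>\w+):\s*$")
STRING_RE = re.compile(r'"(?:\\.|[^"\\])*"')   # C/C++ string literals
# Assumption: flawfinder rules that fire on declarations rather than calls.
DECL_RULES = {"char", "wchar_t", "TCHAR"}


@dataclass
class Hit:
    path: str
    line: int
    col: int
    level: int
    category: str
    name: str
    message: str
    snippet: str


def parse_flawfinder(text):
    """Return one Hit per location line; the last indented line is the snippet."""
    hits, lines, i = [], text.splitlines(), 0
    while i < len(lines):
        m = HIT_RE.match(lines[i])
        i += 1
        if not m:
            continue
        body = []
        while i < len(lines) and lines[i].startswith("  "):
            body.append(lines[i].strip())
            i += 1
        snippet = body.pop() if len(body) > 1 else ""
        hits.append(Hit(m["path"], int(m["line"]), int(m["col"]), int(m["level"]),
                        m["category"], m["name"], " ".join(body), snippet))
    return hits


def classify(hit):
    """'decl' for declaration rules; otherwise inspect how the flagged name is
    used in the snippet with string literals blanked out: 'member' when every
    use is a C++ member call (obj.name( / ptr->name(), 'no-call' when the name
    is never called (e.g. the MSVC section flag `read`), else 'call'."""
    if hit.name in DECL_RULES:
        return "decl"
    code = STRING_RE.sub('""', hit.snippet)
    # findall yields the optional prefix group: "->" or "." for member calls, "" otherwise
    calls = re.findall(r"(->|\.)?\s*\b" + re.escape(hit.name) + r"\s*\(", code)
    if not calls:
        return "no-call"
    return "member" if all(calls) else "call"


def triage(hits, min_level=1):
    """Split hits at or above min_level into (review, likely_false_positive)."""
    review, likely_fp = [], []
    for h in hits:
        if h.level >= min_level:
            (likely_fp if classify(h) in ("member", "no-call") else review).append(h)
    return review, likely_fp


def hits_by_level(hits):
    """Counts per level, comparable with the report's Hits@level line."""
    return Counter(h.level for h in hits)


# Excerpt of the report above (five of its 61 hits).
SAMPLE = r"""
data/qalculate-gtk-3.3.0/src/callbacks.cc:10048:132:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality if available.
  gtk_entry_set_text(GTK_ENTRY(gtk_bin_get_child(GTK_BIN(gtk_builder_get_object(unitedit_builder, "unit_edit_combo_system")))), u->system().c_str());

data/qalculate-gtk-3.3.0/src/callbacks.cc:13761:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(gstr_file, "r");

data/qalculate-gtk-3.3.0/src/callbacks.cc:13783:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[1000000L];

data/qalculate-gtk-3.3.0/src/callbacks.cc:651:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t i_equals = resstr.find(_("approx.")) + strlen(_("approx."));

data/qalculate-gtk-3.3.0/src/flags.c:19427:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  section(".CRT$XCU",read)
"""

if __name__ == "__main__":
    hits = parse_flawfinder(SAMPLE)
    review, likely_fp = triage(hits)
    print("by level:", dict(hits_by_level(hits)))
    for h in review:
        print(f"REVIEW    [{h.level}] {h.path}:{h.line} {h.name}: {h.snippet}")
    for h in likely_fp:
        print(f"LIKELY-FP [{h.level}] {h.path}:{h.line} {h.name} ({classify(h)})")
```

Run against the full report, the script leaves the `fopen`, `char`, `strlen` and the `if(!read(&...))` hits in the review bucket, which is where the human work belongs; the member-call rule is a heuristic, so a hit it moves to `likely_fp` is still worth a glance at the declaration of the method it names.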