Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/emerald-0.8.18/include/titlebar.h
Examining data/emerald-0.8.18/include/emerald.h
Examining data/emerald-0.8.18/include/libengine.h
Examining data/emerald-0.8.18/include/engine.h
Examining data/emerald-0.8.18/themer/main.c
Examining data/emerald-0.8.18/engines/oxygen_icon.h
Examining data/emerald-0.8.18/engines/legacy.c
Examining data/emerald-0.8.18/engines/zootreeves_icon.h
Examining data/emerald-0.8.18/engines/oxygen.c
Examining data/emerald-0.8.18/engines/truglass_icon.h
Examining data/emerald-0.8.18/engines/legacy_icon.h
Examining data/emerald-0.8.18/engines/zootreeves.c
Examining data/emerald-0.8.18/engines/vrunner.c
Examining data/emerald-0.8.18/engines/pixmap.c
Examining data/emerald-0.8.18/engines/truglass.c
Examining data/emerald-0.8.18/engines/pixmap_icon.h
Examining data/emerald-0.8.18/engines/vrunner_icon.h
Examining data/emerald-0.8.18/engines/line.c
Examining data/emerald-0.8.18/libengine/emerald.c
Examining data/emerald-0.8.18/libengine/themer.c
Examining data/emerald-0.8.18/src/main.c
Examining data/emerald-0.8.18/src/engine_loader.c

FINAL RESULTS:

data/emerald-0.8.18/libengine/emerald.c:25:57:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * opath = g_strdup_printf("%s/.emerald/theme",g_get_home_dir());
data/emerald-0.8.18/libengine/emerald.c:30:56:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  opath = g_strdup_printf("%s/.emerald/settings.ini",g_get_home_dir());
data/emerald-0.8.18/libengine/emerald.c:40:59:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  opath = g_strdup_printf("%s/.emerald/theme/theme.ini",g_get_home_dir());
data/emerald-0.8.18/libengine/emerald.c:51:72:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * npath = g_strdup_printf("%s/.emerald/theme/%s",g_get_home_dir(),n);
data/emerald-0.8.18/libengine/emerald.c:68:57:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  return g_strdup_printf("%s/.emerald/theme/%s.%s.%s",g_get_home_dir(),sect,key,ext);
data/emerald-0.8.18/libengine/themer.c:351:34:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * file = g_strjoin("/",g_get_home_dir(),".emerald/theme/theme.ini",NULL);
data/emerald-0.8.18/libengine/themer.c:352:34:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * path = g_strjoin("/",g_get_home_dir(),".emerald/theme/",NULL);
data/emerald-0.8.18/libengine/themer.c:438:75:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * s = g_strdup_printf("%s/.emerald/theme/%s.%s.png",g_get_home_dir(),item->section,item->key);
data/emerald-0.8.18/libengine/themer.c:492:34:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * file = g_strjoin("/",g_get_home_dir(),".emerald/settings.ini",NULL);
data/emerald-0.8.18/libengine/themer.c:493:34:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * path = g_strjoin("/",g_get_home_dir(),".emerald/",NULL);
data/emerald-0.8.18/libengine/themer.c:825:63:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  s = g_strdup_printf("%s/.emerald/theme/%s.%s.png",g_get_home_dir(),item->section,item->key);
data/emerald-0.8.18/libengine/themer.c:871:34:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * file = g_strjoin("/",g_get_home_dir(),".emerald/theme/theme.ini",NULL);
data/emerald-0.8.18/libengine/themer.c:874:26:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  file = g_strjoin("/",g_get_home_dir(),".emerald/settings.ini",NULL);
data/emerald-0.8.18/libengine/themer.c:1037:46:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * local_engine_dir = g_strjoin("/",g_get_home_dir(),".emerald/engines",NULL);
data/emerald-0.8.18/src/engine_loader.c:24:26:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  #define LOCAL_ENGINE_DIR g_get_home_dir(),".emerald/engines"
data/emerald-0.8.18/src/main.c:5720:17:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  g_strjoin("/", g_get_home_dir(), ".emerald/settings.ini", NULL);
data/emerald-0.8.18/src/main.c:5786:27:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  path = g_strjoin("/", g_get_home_dir(), ".emerald/theme/theme.ini", NULL);
data/emerald-0.8.18/themer/main.c:290:50:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  path = g_strdup_printf("%s/.emerald/themes/",g_get_home_dir());
data/emerald-0.8.18/themer/main.c:382:47:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  xt = g_strdup_printf("%s/.emerald/theme/",g_get_home_dir());
data/emerald-0.8.18/themer/main.c:400:64:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fn = g_strdup_printf("%s/.emerald/themes/%s/theme.ini",g_get_home_dir(),mt);
data/emerald-0.8.18/themer/main.c:401:55:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  at = g_strdup_printf("%s/.emerald/themes/%s/",g_get_home_dir(),mt);
data/emerald-0.8.18/themer/main.c:471:51:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fn = g_strdup_printf("%s/.emerald/themes/%s/",g_get_home_dir(),ot);
data/emerald-0.8.18/themer/main.c:511:47:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fn = g_strdup_printf("%s/.emerald/theme/",g_get_home_dir());
data/emerald-0.8.18/themer/main.c:548:50:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fn = g_strdup_printf("%s/.emerald/themes/%s",g_get_home_dir(),at);
data/emerald-0.8.18/themer/main.c:551:60:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fn = g_strdup_printf("%s/.emerald/themes/%s/theme.ini",g_get_home_dir(),at);
data/emerald-0.8.18/themer/main.c:567:56:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fn = g_strdup_printf("%s/.emerald/theme/theme.ini",g_get_home_dir());
data/emerald-0.8.18/themer/main.c:580:55:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  xt = g_strdup_printf("%s/.emerald/themes/%s/",g_get_home_dir(),mt);
data/emerald-0.8.18/themer/main.c:591:51:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  at = g_strdup_printf("%s/.emerald/theme/",g_get_home_dir());
data/emerald-0.8.18/themer/main.c:644:60:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fn = g_strdup_printf("%s/.emerald/themes/%s/theme.ini",g_get_home_dir(),at);
data/emerald-0.8.18/themer/main.c:657:59:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  pt = g_strdup_printf("%s/.emerald/themes/%s/",g_get_home_dir(),at);
data/emerald-0.8.18/themer/main.c:974:49:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * pth = g_strdup_printf("%s/Desktop/",g_get_home_dir());
data/emerald-0.8.18/themer/main.c:1433:49:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  gchar * pth = g_strdup_printf("%s/Desktop/",g_get_home_dir());
data/emerald-0.8.18/themer/main.c:1773:63:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  g_mkdir_with_parents(g_strdup_printf("%s/.emerald/theme/",g_get_home_dir()),00755);
data/emerald-0.8.18/themer/main.c:1774:64:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  g_mkdir_with_parents(g_strdup_printf("%s/.emerald/themes/",g_get_home_dir()),00755);
data/emerald-0.8.18/libengine/themer.c:639:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inf,&(fe.d->meta),sizeof(EngineMetaInfo));
data/emerald-0.8.18/src/main.c:396:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ws->pos, newpos, sizeof(pos_t) * 9);
data/emerald-0.8.18/src/main.c:1764:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(button_region_inact, button_region, sizeof(button_region_t));
data/emerald-0.8.18/src/main.c:3213:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(d->name + name_length - 3, "...");
data/emerald-0.8.18/src/main.c:3303:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&a, data, sizeof(Atom));
data/emerald-0.8.18/src/main.c:3580:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(d->name + name_length - 3, "...");
data/emerald-0.8.18/libengine/themer.c:583:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s))
data/emerald-0.8.18/libengine/themer.c:673:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(s))
data/emerald-0.8.18/src/main.c:2462:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  text_len = strlen(text);
data/emerald-0.8.18/src/main.c:2970:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen(ws->tobj_layout); i++)
data/emerald-0.8.18/src/main.c:3003:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen(ws->tobj_layout); i++)
data/emerald-0.8.18/src/main.c:3160:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pango_layout_set_text(d->layout, name, strlen(name));
data/emerald-0.8.18/src/main.c:3164:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pango_layout_set_text(d->layout, d->name, strlen(d->name));
data/emerald-0.8.18/src/main.c:3184:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (name && (name_length = strlen(name)))
data/emerald-0.8.18/src/main.c:3552:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (name && (name_length = strlen(name)))
data/emerald-0.8.18/themer/main.c:188:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (creator && !strlen(creator))
data/emerald-0.8.18/themer/main.c:194:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tver && !strlen(tver))
data/emerald-0.8.18/themer/main.c:200:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (rwid && !strlen(rwid))
data/emerald-0.8.18/themer/main.c:206:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (desc && !strlen(desc))
data/emerald-0.8.18/themer/main.c:361:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(at)>=1 && at[0] == '*')
data/emerald-0.8.18/themer/main.c:363:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(at)>=2)
data/emerald-0.8.18/themer/main.c:375:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(mt)==0)
data/emerald-0.8.18/themer/main.c:462:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ot[strlen(ot)-strlen(".emerald")]='\0';
data/emerald-0.8.18/themer/main.c:462:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ot[strlen(ot)-strlen(".emerald")]='\0';
data/emerald-0.8.18/themer/main.c:498:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!themename || !strlen(themename) ||
data/emerald-0.8.18/themer/main.c:538:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(at)>=1 && at[0] == '*')
data/emerald-0.8.18/themer/main.c:543:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(at)==0 || strchr(at,'/'))
data/emerald-0.8.18/themer/main.c:632:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(at)>=1 && at[0] == '*')
data/emerald-0.8.18/themer/main.c:638:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(at)==0)
data/emerald-0.8.18/themer/main.c:1392:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ch=gtk_entry_get_text(e))==0)
data/emerald-0.8.18/themer/main.c:1400:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(at) && strstr(at,ch))

ANALYSIS SUMMARY:

Hits = 65
Lines analyzed = 18172 in approximately 0.61 seconds (29958 lines/second)
Physical Source Lines of Code (SLOC) = 15361
Hits@level = [0]   0 [1]  25 [2]   6 [3]  34 [4]   0 [5]   0
Hits@level+ = [0+]  65 [1+]  65 [2+]  40 [3+]  34 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 4.2315 [1+] 4.2315 [2+] 2.604 [3+] 2.2134 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
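Triage note on the 34 level-3 g_get_home_dir hits, which make up more than half of this report: every one of them builds a path under the calling user's own home directory (~/.emerald/..., ~/Desktop/), so an attacker who controls HOME already runs as that user, and the hits only become meaningful if emerald is run under another account or with elevated privileges. GLib's g_get_home_dir() prefers $HOME and falls back to the passwd entry, so the first-match lookup below models the case Flawfinder is warning about. The program below is an added example written for this page, not code from emerald or from Flawfinder. It applies the checks the rule text asks for: it rejects an environment that sets HOME more than once (getenv() only returns the first entry), requires HOME to be absolute, printable and free of ".." components, accepts a theme name only as a single path component (the same spirit as the strchr(at,'/') test visible at themer/main.c:543, plus "." and ".."), and assembles the result with a length-checked snprintf() into a fixed buffer. The function names, the sample environments and the fixed-size output buffer are assumptions made for the example.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

#ifndef PATH_MAX
#define PATH_MAX 4096
#endif

/* Constructed sample environments for the demonstration; they are not
 * captured from a real process. */
char *ENV_GOOD[] = { "HOME=/home/alice", "LANG=C", NULL };
char *ENV_DUP[]  = { "HOME=/home/alice", "HOME=/tmp/evil", NULL };
char *ENV_REL[]  = { "HOME=../../etc", NULL };

/* Number of entries in envp that set `name`. getenv() only ever sees the
 * first one; a second HOME= entry is the "set more than once" case. */
int env_count(char **envp, const char *name)
{
    size_t n = strlen(name);
    int count = 0;
    for (char **e = envp; e != NULL && *e != NULL; e++)
        if (strncmp(*e, name, n) == 0 && (*e)[n] == '=')
            count++;
    return count;
}

/* First value of `name` in envp, or NULL: the same rule getenv() uses. */
const char *env_get(char **envp, const char *name)
{
    size_t n = strlen(name);
    for (char **e = envp; e != NULL && *e != NULL; e++)
        if (strncmp(*e, name, n) == 0 && (*e)[n] == '=')
            return *e + n + 1;
    return NULL;
}

/* A home directory is accepted only if it is absolute, free of control
 * characters, shorter than PATH_MAX and has no ".." path component. */
int home_is_sane(const char *home)
{
    if (home == NULL || home[0] != '/')
        return 0;
    size_t len = strlen(home);
    if (len >= PATH_MAX)
        return 0;
    for (size_t i = 0; i < len; i++)
        if ((unsigned char)home[i] < 0x20 || home[i] == 0x7f)
            return 0;
    for (const char *p = home; (p = strstr(p, "/..")) != NULL; p += 3)
        if (p[3] == '\0' || p[3] == '/')
            return 0;
    return 1;
}

/* Theme names are user input and must stay a single path component:
 * non-empty, no '/', and neither "." nor "..". */
int theme_name_ok(const char *name)
{
    if (name == NULL || name[0] == '\0' || strchr(name, '/') != NULL)
        return 0;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;
    return 1;
}

/* Build "<HOME>/.emerald/themes/<name>/theme.ini" into out[outsz].
 * Returns 0 on success, -1 if HOME is absent, duplicated or unsafe, the
 * theme name is not a single component, or the result would truncate. */
int theme_ini_path(char **envp, const char *name, char *out, size_t outsz)
{
    if (env_count(envp, "HOME") != 1)
        return -1;
    const char *home = env_get(envp, "HOME");
    if (!home_is_sane(home) || !theme_name_ok(name))
        return -1;
    int n = snprintf(out, outsz, "%s/.emerald/themes/%s/theme.ini", home, name);
    if (n < 0 || (size_t)n >= outsz)
        return -1;
    return 0;
}

int main(void)
{
    char buf[PATH_MAX];
    struct { char **env; const char *theme; const char *label; } cases[] = {
        { ENV_GOOD, "oxygen", "good HOME, good name" },
        { ENV_DUP,  "oxygen", "HOME set twice" },
        { ENV_REL,  "oxygen", "relative HOME" },
        { ENV_GOOD, "../foo", "theme name escapes themes/" },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int rc = theme_ini_path(cases[i].env, cases[i].theme, buf, sizeof buf);
        printf("%-28s -> %s\n", cases[i].label, rc == 0 ? buf : "rejected");
    }
    return 0;
}
```

The duplicate-HOME check is the part of Flawfinder's advice that getenv()-style lookups cannot express on their own: both entries are visible only by walking the environment block, which is why the helpers take envp explicitly (pass `environ` in a real program). Rejecting on truncation rather than silently clipping keeps a long HOME from producing a path that points somewhere other than intended.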