Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/mc-plugin/mission-control-plugin.c
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/mc-plugin/mcp-account-manager-uoa.c
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/mc-plugin/empathy-webcredentials-monitor.c
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/mc-plugin/mcp-account-manager-uoa.h
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/mc-plugin/empathy-webcredentials-monitor.h
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/cc-plugins/account-plugins/empathy-accounts-plugin.h
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/cc-plugins/account-plugins/empathy-accounts-plugin-widget.h
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/cc-plugins/account-plugins/empathy-accounts-plugin-widget.c
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/cc-plugins/account-plugins/empathy-accounts-plugin.c
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/cc-plugins/app-plugin/empathy-app-plugin-widget.c
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/cc-plugins/app-plugin/empathy-app-plugin.c
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/cc-plugins/app-plugin/empathy-app-plugin-widget.h
Examining data/empathy-3.25.90+really3.12.14/ubuntu-online-accounts/cc-plugins/app-plugin/empathy-app-plugin.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-user-info.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network-dialog.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-account-widget-irc.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-server.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-avatar-chooser.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-protocol.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-user-info.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/totem-subtitle-encoding.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-server.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-account-widget.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network-manager.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/totem-subtitle-encoding.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-calendar-button.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/cheese-camera-device-monitor.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/cheese-camera-device-monitor.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-account-widget-private.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network-chooser-dialog.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-connection-managers.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-connection-managers.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-builder.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-account-settings.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-avatar-chooser.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-keyring.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-keyring.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network-chooser.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-camera-monitor.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network-manager.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-time.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-images.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-live-search.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-account-widget-sip.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-account-settings.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-builder.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network-chooser-dialog.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-live-search.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-uoa-utils.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-account-widget-irc.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-pixbuf-utils.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-debug.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-account-widget-sip.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-string-parser.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-uoa-utils.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-string-parser.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-account-widget.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-calendar-button.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-contactinfo-utils.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-protocol.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-debug.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-utils.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-camera-monitor.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-time.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network-chooser.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-gsettings.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-pixbuf-utils.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network.h
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-irc-network-dialog.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-contactinfo-utils.c
Examining data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-utils.c
Examining data/empathy-3.25.90+really3.12.14/extensions/extensions.c
Examining data/empathy-3.25.90+really3.12.14/extensions/extensions-cli.c
Examining data/empathy-3.25.90+really3.12.14/extensions/extensions.h
Examining data/empathy-3.25.90+really3.12.14/tests/test-irc-helper.c
Examining data/empathy-3.25.90+really3.12.14/tests/empathy-chatroom-test.c
Examining data/empathy-3.25.90+really3.12.14/tests/empathy-tls-test.c
Examining data/empathy-3.25.90+really3.12.14/tests/test-helper.c
Examining data/empathy-3.25.90+really3.12.14/tests/mock-pkcs11.c
Examining data/empathy-3.25.90+really3.12.14/tests/empathy-chatroom-manager-test.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/test-empathy-roster-model-aggregator.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/test-empathy-presence-chooser.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/test-empathy-protocol-chooser.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/test-empathy-contact-blocking-dialog.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/test-empathy-dual-roster-view.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/test-empathy-calendar-button.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/empathy-logs.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/test-empathy-status-preset-dialog.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/test-empathy-account-chooser.c
Examining data/empathy-3.25.90+really3.12.14/tests/interactive/test-empathy-roster-view.c
Examining data/empathy-3.25.90+really3.12.14/tests/empathy-irc-network-test.c
Examining data/empathy-3.25.90+really3.12.14/tests/empathy-irc-server-test.c
Examining data/empathy-3.25.90+really3.12.14/tests/test-helper.h
Examining data/empathy-3.25.90+really3.12.14/tests/empathy-irc-network-manager-test.c
Examining data/empathy-3.25.90+really3.12.14/tests/empathy-parser-test.c
Examining data/empathy-3.25.90+really3.12.14/tests/test-irc-helper.h
Examining data/empathy-3.25.90+really3.12.14/tests/mock-pkcs11.h
Examining data/empathy-3.25.90+really3.12.14/tests/empathy-live-search-test.c
Examining data/empathy-3.25.90+really3.12.14/goa-mc-plugin/mcp-account-manager-goa.c
Examining data/empathy-3.25.90+really3.12.14/goa-mc-plugin/mission-control-plugin.c
Examining data/empathy-3.25.90+really3.12.14/goa-mc-plugin/mcp-account-manager-goa.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-spell.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-cell-renderer-expander.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-model.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-webkit-utils.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-sound-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-location-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-webkit-utils.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-contact.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-model-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-notify-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-contact-blocking-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-contact-blocking-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-subscription-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-edit-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-sound-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-account-selector-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-location-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-avatar-image.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-group.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-dialpad-widget.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-dialpad-button.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-notify-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-contact-chooser.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-new-account-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-model-aggregator.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-model-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-search-bar.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-view.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-input-text-view.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-presence-chooser.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-bad-password-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-plist.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-view.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-chat.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-bad-password-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-contact-search-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-geoclue-helper.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-input-text-view.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-protocol-chooser.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-share-my-desktop.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-password-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-account-chooser.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-store-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-log-window.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-local-xmpp-assistant-widget.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-groups-widget.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-smiley-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-cell-renderer-text.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-widget.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-local-xmpp-assistant-widget.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-dialpad-widget.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-cell-renderer-text.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-string-parser.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-password-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-cell-renderer-activatable.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-view.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-new-call-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-store.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-search-bar.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-call-utils.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-contact-widget.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-status-preset-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-contact.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-information-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-menu.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-tls-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-plist.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-model.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-store.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-store-channel.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-dialpad-button.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-geoclue-helper.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-edit-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-log-window.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-base-password-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-widget.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-smiley-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-contact-search-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-cell-renderer-expander.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-contact-widget.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-account-chooser.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-status-preset-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-presence-chooser.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-model-aggregator.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-contact-chooser.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-tls-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-account-selector-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-new-call-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-store-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-information-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-chat.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-dialogs.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-new-account-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-new-message-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-geometry.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-images.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-menu.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-view.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-subscription-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-geometry.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-roster-group.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-string-parser.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-new-message-dialog.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-call-utils.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-dialogs.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-cell-renderer-activatable.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-ui-utils.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-ui-utils.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-protocol-chooser.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-avatar-image.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-base-password-dialog.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-groups-widget.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-store-channel.h
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-share-my-desktop.c
Examining data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-spell.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-rounded-rectangle.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-audio-utils.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-chat-manager.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-chatrooms-window.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-import-utils.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-mic-monitor.h
Examining data/empathy-3.25.90+really3.12.14/src/chat-manager-interface.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-roster-window.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-mic-menu.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-notifications-approver.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-debugger.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-sanity-cleaning.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-handler.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-window-fullscreen.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-window.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-accounts-common.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-camera-menu.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-audio-sink.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-audio-sink.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-factory.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-rounded-actor.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-event-manager.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-preferences.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-accounts.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-rounded-rectangle.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-ft-manager.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-import-pidgin.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-auth-client.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-camera-menu.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-observer.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-accounts-dialog.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-audio-src.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-handler.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-chat-window.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-mic-monitor.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-chat-window.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-rounded-texture.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-new-chatroom-dialog.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-new-chatroom-dialog.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-ft-manager.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-notifications-approver.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-status-icon.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-window.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-roster-window.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-sanity-cleaning.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-factory.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-import-utils.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-audio-src.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-video-src.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-about-dialog.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-mic-menu.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-accounts-dialog.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-audio-utils.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-accounts-common.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-preferences.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-observer.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-rounded-actor.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-chat-manager.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-rounded-texture.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-import-dialog.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-video-src.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-event-manager.c
Examining data/empathy-3.25.90+really3.12.14/src/chat-manager-interface.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-chatrooms-window.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-accounts.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-import-pidgin.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-invite-participant-dialog.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-import-dialog.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-invite-participant-dialog.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-import-widget.h
Examining data/empathy-3.25.90+really3.12.14/src/empathy-chat.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-about-dialog.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-status-icon.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-import-widget.c
Examining data/empathy-3.25.90+really3.12.14/src/empathy-call-window-fullscreen.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-server-tls-handler.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/action-chain.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-ft-handler.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-types.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-tp-chat.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-pkg-kit.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-tls-verifier.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-message.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-tp-chat.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-server-tls-handler.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-message.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-status-presets.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/action-chain-internal.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-individual-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-utils.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-debug.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-location.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-client-factory.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-sasl-mechanisms.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-tls-verifier.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-status-presets.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-server-sasl-handler.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-debug.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-presence-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-goa-auth-handler.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-presence-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-ft-handler.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-connection-aggregator.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-chatroom-manager.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-individual-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-pkg-kit.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-auth-factory.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-ft-factory.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-uoa-auth-handler.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-uoa-auth-handler.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-auth-factory.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-contact.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-client-factory.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-request-util.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-utils.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-chatroom.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-ft-factory.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-contact.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-bus-names.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-chatroom.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-request-util.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-contact-groups.c
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-connection-aggregator.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-gsettings.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-contact-groups.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-chatroom-manager.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-sasl-mechanisms.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-server-sasl-handler.h
Examining data/empathy-3.25.90+really3.12.14/libempathy/empathy-goa-auth-handler.h
FINAL RESULTS:
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-geometry.c:229:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf (str, GEOMETRY_POSITION_FORMAT, &x, &y, &w, &h);
data/empathy-3.25.90+really3.12.14/tests/empathy-chatroom-manager-test.c:84:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system (cmd) == -1)
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-ui-utils.c:825:7: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
g_get_home_dir ());
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-ui-utils.c:949:11: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
dir = g_get_home_dir ();
data/empathy-3.25.90+really3.12.14/src/empathy-call.c:215:39: [3] (buffer) g_get_tmp_dir:
This function is synonymous with 'getenv("TMP")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
g_setenv ("GST_DEBUG_DUMP_DOT_DIR", g_get_tmp_dir (), FALSE);
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:1575:7: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
g_get_home_dir ());
data/empathy-3.25.90+really3.12.14/src/empathy-import-pidgin.c:233:32: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
filename = g_build_filename (g_get_home_dir (), ".purple", "accounts.xml",
data/empathy-3.25.90+really3.12.14/src/empathy-import-pidgin.c:400:32: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
filename = g_build_filename (g_get_home_dir (), ".purple", "accounts.xml",
data/empathy-3.25.90+really3.12.14/src/empathy.c:538:31: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
old_dir = g_build_filename (g_get_home_dir (), ".gnome2",
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-avatar-chooser.c:1128:58: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
gtk_file_chooser_set_current_folder (chooser_dialog, g_get_home_dir ());
data/empathy-3.25.90+really3.12.14/tests/test-helper.c:50:28: [3] (buffer) g_get_tmp_dir:
This function is synonymous with 'getenv("TMP")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
return g_build_filename (g_get_tmp_dir (), filename, NULL);
data/empathy-3.25.90+really3.12.14/libempathy/empathy-tp-chat.c:200:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *invitees[2] = { NULL, };
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:1560:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/cheese-camera-device-monitor.c:257:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open (device_path, O_RDONLY | O_NONBLOCK)) < 0)
data/empathy-3.25.90+really3.12.14/tests/mock-pkcs11.c:173:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (info, &TEST_INFO, sizeof (*info));
data/empathy-3.25.90+really3.12.14/tests/mock-pkcs11.c:227:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (info, &MOCK_INFO_ONE, sizeof (*info));
data/empathy-3.25.90+really3.12.14/tests/mock-pkcs11.c:267:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (info, &MOCK_TOKEN_ONE, sizeof (*info));
data/empathy-3.25.90+really3.12.14/tests/mock-pkcs11.c:395:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (info, &sess->info, sizeof (*info));
data/empathy-3.25.90+really3.12.14/tests/mock-pkcs11.c:510:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (attr->pValue, data, length);
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-account-chooser.c:942:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
gboolean equal;
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-account-chooser.c:951:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal)
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-account-chooser.c:961:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return equal;
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-cell-renderer-text.c:343:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
attr_size->start_index = strlen (priv->name) + 1;
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-chat.c:1209:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return g_ascii_strncasecmp (s, prefix, strlen (prefix)) == 0;
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-chat.c:1240:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = *(msg + 1 + strlen (commands[i].prefix));
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-chat.c:2031:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gtk_text_buffer_insert_at_cursor (buffer, text, strlen (text));
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-chat.c:2043:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (complete_char));
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-contact-blocking-dialog.c:81:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tp_proxy_get_object_path (conn) + strlen (TP_CONN_OBJECT_PATH_BASE);
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-individual-view.c:863:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(guchar *) individual_id, strlen (individual_id) + 1);
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-spell.c:345:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (word);
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-spell.c:377:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (word);
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-spell.c:427:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
enchant_dict_add (lang->speller, word, strlen (word));
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-status-preset-dialog.c:163:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (new_status) == 0) {
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.c:193:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = g_string_sized_new (strlen (format));
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.c:252:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = g_string_sized_new (strlen (text));
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.c:309:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (match);
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.c:474:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = g_string_sized_new (strlen (nsdate));
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.c:496:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen (convert_table[j]) - 1;
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.c:533:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = g_string_sized_new (strlen (html) + strlen (message));
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.c:533:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = g_string_sized_new (strlen (html) + strlen (message));
data/empathy-3.25.90+really3.12.14/libempathy-gtk/empathy-theme-adium.c:774:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_class_name = g_string_sized_new (strlen (class_name));
data/empathy-3.25.90+really3.12.14/libempathy/empathy-sasl-mechanisms.c:292:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (access_token) + strlen (username) + 2);
data/empathy-3.25.90+really3.12.14/libempathy/empathy-sasl-mechanisms.c:292:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (access_token) + strlen (username) + 2);
data/empathy-3.25.90+really3.12.14/libempathy/empathy-sasl-mechanisms.c:295:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_array_append_vals (credential, username, strlen (username));
data/empathy-3.25.90+really3.12.14/libempathy/empathy-sasl-mechanisms.c:297:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_array_append_vals (credential, access_token, strlen (access_token));
data/empathy-3.25.90+really3.12.14/libempathy/empathy-sasl-mechanisms.c:326:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (password));
data/empathy-3.25.90+really3.12.14/libempathy/empathy-sasl-mechanisms.c:327:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_array_append_vals (password_array, password, strlen (password));
data/empathy-3.25.90+really3.12.14/src/empathy-accounts-dialog.c:1530:18: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
gboolean equal;
data/empathy-3.25.90+really3.12.14/src/empathy-accounts-dialog.c:1539:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal)
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:559:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_len = strlen (key);
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:560:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (str) - key_len;
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:987:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = arg0 + strlen (TP_CM_BUS_NAME_BASE);
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:992:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = arg0 + strlen (TP_CLIENT_BUS_NAME_BASE);
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:1133:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
names[i] + strlen (TP_CLIENT_BUS_NAME_BASE), SERVICE_TYPE_CLIENT);
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:1138:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
names[i] + strlen (TP_CM_BUS_NAME_BASE), SERVICE_TYPE_CM);
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:1532:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (debug_data), NULL, &file_write_error);
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:1703:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
formdata, strlen (formdata));
data/empathy-3.25.90+really3.12.14/src/empathy-debug-window.c:1744:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (text));
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-avatar-chooser.c:452:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ("image/"));
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-avatar-chooser.c:464:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen ("image/"));
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-contactinfo-utils.c:184:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param += strlen (prefix);
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-keyring.c:270:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-keyring.c:312:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-keyring.c:566:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-keyring.c:617:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-keyring.c:685:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-string-parser.c:173:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
escaped_len = strlen (escaped);
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-string-parser.c:201:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string = g_string_sized_new (strlen (text));
data/empathy-3.25.90+really3.12.14/telepathy-account-widgets/tp-account-widgets/tpaw-utils.c:314:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return tpaw_make_absolute_url_len (url, strlen (url));
data/empathy-3.25.90+really3.12.14/tests/mock-pkcs11.c:580:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return fill_data_attribute (attr, data, strlen (data));
data/empathy-3.25.90+really3.12.14/tests/mock-pkcs11.c:800:11: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return !mismatch;
ANALYSIS SUMMARY:
Hits = 71
Lines analyzed = 125008 in approximately 2.63 seconds (47609 lines/second)
Physical Source Lines of Code (SLOC) = 89607
Hits@level = [0] 0 [1] 52 [2] 8 [3] 9 [4] 2 [5] 0
Hits@level+ = [0+] 71 [1+] 71 [2+] 19 [3+] 11 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 0.792349 [1+] 0.792349 [2+] 0.212037 [3+] 0.122758 [4+] 0.0223197 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.