Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gnome-photos-3.38.0/src/photos-application.h
Examining data/gnome-photos-3.38.0/src/photos-base-item.c
Examining data/gnome-photos-3.38.0/src/photos-base-item.h
Examining data/gnome-photos-3.38.0/src/photos-base-manager.c
Examining data/gnome-photos-3.38.0/src/photos-base-manager.h
Examining data/gnome-photos-3.38.0/src/photos-base-model.c
Examining data/gnome-photos-3.38.0/src/photos-base-model.h
Examining data/gnome-photos-3.38.0/src/photos-camera-cache.c
Examining data/gnome-photos-3.38.0/src/photos-camera-cache.h
Examining data/gnome-photos-3.38.0/src/photos-collection-icon-watcher.c
Examining data/gnome-photos-3.38.0/src/photos-collection-icon-watcher.h
Examining data/gnome-photos-3.38.0/src/photos-create-collection-icon-job.c
Examining data/gnome-photos-3.38.0/src/photos-create-collection-icon-job.h
Examining data/gnome-photos-3.38.0/src/photos-create-collection-job.c
Examining data/gnome-photos-3.38.0/src/photos-create-collection-job.h
Examining data/gnome-photos-3.38.0/src/photos-debug.c
Examining data/gnome-photos-3.38.0/src/photos-debug.h
Examining data/gnome-photos-3.38.0/src/photos-delete-item-job.c
Examining data/gnome-photos-3.38.0/src/photos-delete-item-job.h
Examining data/gnome-photos-3.38.0/src/photos-delete-notification.c
Examining data/gnome-photos-3.38.0/src/photos-delete-notification.h
Examining data/gnome-photos-3.38.0/src/photos-device-item.c
Examining data/gnome-photos-3.38.0/src/photos-device-item.h
Examining data/gnome-photos-3.38.0/src/photos-dlna-renderer.c
Examining data/gnome-photos-3.38.0/src/photos-dlna-renderer.h
Examining data/gnome-photos-3.38.0/src/photos-dlna-renderers-dialog.c
Examining data/gnome-photos-3.38.0/src/photos-dlna-renderers-dialog.h
Examining data/gnome-photos-3.38.0/src/photos-dlna-renderers-manager.c
Examining data/gnome-photos-3.38.0/src/photos-dlna-renderers-manager.h
Examining data/gnome-photos-3.38.0/src/photos-done-notification.c
Examining data/gnome-photos-3.38.0/src/photos-done-notification.h
Examining data/gnome-photos-3.38.0/src/photos-dropdown.c
Examining data/gnome-photos-3.38.0/src/photos-dropdown.h
Examining data/gnome-photos-3.38.0/src/photos-edit-palette-row.c
Examining data/gnome-photos-3.38.0/src/photos-edit-palette-row.h
Examining data/gnome-photos-3.38.0/src/photos-edit-palette.c
Examining data/gnome-photos-3.38.0/src/photos-edit-palette.h
Examining data/gnome-photos-3.38.0/src/photos-embed.c
Examining data/gnome-photos-3.38.0/src/photos-embed.h
Examining data/gnome-photos-3.38.0/src/photos-empty-results-box.c
Examining data/gnome-photos-3.38.0/src/photos-empty-results-box.h
Examining data/gnome-photos-3.38.0/src/photos-error-box.c
Examining data/gnome-photos-3.38.0/src/photos-error-box.h
Examining data/gnome-photos-3.38.0/src/photos-error.c
Examining data/gnome-photos-3.38.0/src/photos-error.h
Examining data/gnome-photos-3.38.0/src/photos-export-dialog.c
Examining data/gnome-photos-3.38.0/src/photos-export-dialog.h
Examining data/gnome-photos-3.38.0/src/photos-export-notification.c
Examining data/gnome-photos-3.38.0/src/photos-export-notification.h
Examining data/gnome-photos-3.38.0/src/photos-facebook-item.c
Examining data/gnome-photos-3.38.0/src/photos-facebook-item.h
Examining data/gnome-photos-3.38.0/src/photos-fetch-collection-state-job.c
Examining data/gnome-photos-3.38.0/src/photos-fetch-collection-state-job.h
Examining data/gnome-photos-3.38.0/src/photos-fetch-collections-job.c
Examining data/gnome-photos-3.38.0/src/photos-fetch-collections-job.h
Examining data/gnome-photos-3.38.0/src/photos-fetch-ids-job.c
Examining data/gnome-photos-3.38.0/src/photos-fetch-ids-job.h
Examining data/gnome-photos-3.38.0/src/photos-fetch-metas-job.c
Examining data/gnome-photos-3.38.0/src/photos-fetch-metas-job.h
Examining data/gnome-photos-3.38.0/src/photos-filterable.c
Examining data/gnome-photos-3.38.0/src/photos-filterable.h
Examining data/gnome-photos-3.38.0/src/photos-flickr-item.c
Examining data/gnome-photos-3.38.0/src/photos-flickr-item.h
Examining data/gnome-photos-3.38.0/src/photos-gegl.c
Examining data/gnome-photos-3.38.0/src/photos-gegl.h
Examining data/gnome-photos-3.38.0/src/photos-gesture-zoom.c
Examining data/gnome-photos-3.38.0/src/photos-gesture-zoom.h
Examining data/gnome-photos-3.38.0/src/photos-glib.c
Examining data/gnome-photos-3.38.0/src/photos-glib.h
Examining data/gnome-photos-3.38.0/src/photos-google-item.c
Examining data/gnome-photos-3.38.0/src/photos-google-item.h
Examining data/gnome-photos-3.38.0/src/photos-image-view-helper.c
Examining data/gnome-photos-3.38.0/src/photos-image-view-helper.h
Examining data/gnome-photos-3.38.0/src/photos-image-view.c
Examining data/gnome-photos-3.38.0/src/photos-image-view.h
Examining data/gnome-photos-3.38.0/src/photos-import-dialog.c
Examining data/gnome-photos-3.38.0/src/photos-import-dialog.h
Examining data/gnome-photos-3.38.0/src/photos-indexing-notification.h
Examining data/gnome-photos-3.38.0/src/photos-item-manager.c
Examining data/gnome-photos-3.38.0/src/photos-item-manager.h
Examining data/gnome-photos-3.38.0/src/photos-jpeg-count.c
Examining data/gnome-photos-3.38.0/src/photos-jpeg-count.h
Examining data/gnome-photos-3.38.0/src/photos-local-item.c
Examining data/gnome-photos-3.38.0/src/photos-local-item.h
Examining data/gnome-photos-3.38.0/src/photos-main-toolbar.c
Examining data/gnome-photos-3.38.0/src/photos-main-toolbar.h
Examining data/gnome-photos-3.38.0/src/photos-main-window.c
Examining data/gnome-photos-3.38.0/src/photos-main-window.h
Examining data/gnome-photos-3.38.0/src/photos-main.c
Examining data/gnome-photos-3.38.0/src/photos-media-server-item.c
Examining data/gnome-photos-3.38.0/src/photos-media-server-item.h
Examining data/gnome-photos-3.38.0/src/photos-model-button.c
Examining data/gnome-photos-3.38.0/src/photos-model-button.h
Examining data/gnome-photos-3.38.0/src/photos-notification-manager.c
Examining data/gnome-photos-3.38.0/src/photos-notification-manager.h
Examining data/gnome-photos-3.38.0/src/photos-offset-collection-view-controller.c
Examining data/gnome-photos-3.38.0/src/photos-offset-collection-view-controller.h
Examining data/gnome-photos-3.38.0/src/photos-offset-collections-controller.c
Examining data/gnome-photos-3.38.0/src/photos-offset-collections-controller.h
Examining data/gnome-photos-3.38.0/src/photos-offset-controller.c
Examining data/gnome-photos-3.38.0/src/photos-offset-controller.h
Examining data/gnome-photos-3.38.0/src/photos-offset-favorites-controller.c
Examining data/gnome-photos-3.38.0/src/photos-offset-favorites-controller.h
Examining data/gnome-photos-3.38.0/src/photos-offset-import-controller.c
Examining data/gnome-photos-3.38.0/src/photos-offset-import-controller.h
Examining data/gnome-photos-3.38.0/src/photos-offset-overview-controller.c
Examining data/gnome-photos-3.38.0/src/photos-offset-overview-controller.h
Examining data/gnome-photos-3.38.0/src/photos-offset-search-controller.c
Examining data/gnome-photos-3.38.0/src/photos-offset-search-controller.h
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-clarendon.c
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-clarendon.h
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-common.h
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-curve.c
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-curve.h
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-filter.c
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-filter.h
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-hefe-curve.c
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-hefe-curve.h
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-hefe-vignette.c
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-hefe-vignette.h
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-hefe.c
Examining data/gnome-photos-3.38.0/src/photos-operation-insta-hefe.h
Examining data/gnome-photos-3.38.0/src/photos-operation-jpg-guess-sizes.c
Examining data/gnome-photos-3.38.0/src/photos-operation-jpg-guess-sizes.h
Examining data/gnome-photos-3.38.0/src/photos-operation-png-guess-sizes.c
Examining data/gnome-photos-3.38.0/src/photos-operation-png-guess-sizes.h
Examining data/gnome-photos-3.38.0/src/photos-operation-saturation.c
Examining data/gnome-photos-3.38.0/src/photos-operation-saturation.h
Examining data/gnome-photos-3.38.0/src/photos-operation-svg-multiply.c
Examining data/gnome-photos-3.38.0/src/photos-operation-svg-multiply.h
Examining data/gnome-photos-3.38.0/src/photos-organize-collection-dialog.c
Examining data/gnome-photos-3.38.0/src/photos-organize-collection-dialog.h
Examining data/gnome-photos-3.38.0/src/photos-organize-collection-model.c
Examining data/gnome-photos-3.38.0/src/photos-organize-collection-model.h
Examining data/gnome-photos-3.38.0/src/photos-organize-collection-view.c
Examining data/gnome-photos-3.38.0/src/photos-organize-collection-view.h
Examining data/gnome-photos-3.38.0/src/photos-overview-searchbar.c
Examining data/gnome-photos-3.38.0/src/photos-overview-searchbar.h
Examining data/gnome-photos-3.38.0/src/photos-pipeline.c
Examining data/gnome-photos-3.38.0/src/photos-pipeline.h
Examining data/gnome-photos-3.38.0/src/photos-pixbuf.c
Examining data/gnome-photos-3.38.0/src/photos-pixbuf.h
Examining data/gnome-photos-3.38.0/src/photos-png-count.c
Examining data/gnome-photos-3.38.0/src/photos-png-count.h
Examining data/gnome-photos-3.38.0/src/photos-preview-nav-buttons.c
Examining data/gnome-photos-3.38.0/src/photos-preview-nav-buttons.h
Examining data/gnome-photos-3.38.0/src/photos-preview-view.c
Examining data/gnome-photos-3.38.0/src/photos-preview-view.h
Examining data/gnome-photos-3.38.0/src/photos-print-notification.c
Examining data/gnome-photos-3.38.0/src/photos-print-notification.h
Examining data/gnome-photos-3.38.0/src/photos-print-operation.c
Examining data/gnome-photos-3.38.0/src/photos-print-operation.h
Examining data/gnome-photos-3.38.0/src/photos-print-preview.c
Examining data/gnome-photos-3.38.0/src/photos-print-preview.h
Examining data/gnome-photos-3.38.0/src/photos-print-setup.c
Examining data/gnome-photos-3.38.0/src/photos-print-setup.h
Examining data/gnome-photos-3.38.0/src/photos-properties-dialog.c
Examining data/gnome-photos-3.38.0/src/photos-properties-dialog.h
Examining data/gnome-photos-3.38.0/src/photos-quarks.c
Examining data/gnome-photos-3.38.0/src/photos-quarks.h
Examining data/gnome-photos-3.38.0/src/photos-query-builder.c
Examining data/gnome-photos-3.38.0/src/photos-query-builder.h
Examining data/gnome-photos-3.38.0/src/photos-query.c
Examining data/gnome-photos-3.38.0/src/photos-query.h
Examining data/gnome-photos-3.38.0/src/photos-remote-display-manager.c
Examining data/gnome-photos-3.38.0/src/photos-remote-display-manager.h
Examining data/gnome-photos-3.38.0/src/photos-removable-device-widget.c
Examining data/gnome-photos-3.38.0/src/photos-removable-device-widget.h
Examining data/gnome-photos-3.38.0/src/photos-removable-devices-button.c
Examining data/gnome-photos-3.38.0/src/photos-removable-devices-button.h
Examining data/gnome-photos-3.38.0/src/photos-search-context.c
Examining data/gnome-photos-3.38.0/src/photos-search-context.h
Examining data/gnome-photos-3.38.0/src/photos-search-controller.c
Examining data/gnome-photos-3.38.0/src/photos-search-controller.h
Examining data/gnome-photos-3.38.0/src/photos-search-match-manager.c
Examining data/gnome-photos-3.38.0/src/photos-search-match-manager.h
Examining data/gnome-photos-3.38.0/src/photos-search-match.c
Examining data/gnome-photos-3.38.0/src/photos-search-match.h
Examining data/gnome-photos-3.38.0/src/photos-search-provider.c
Examining data/gnome-photos-3.38.0/src/photos-search-provider.h
Examining data/gnome-photos-3.38.0/src/photos-search-type-manager.c
Examining data/gnome-photos-3.38.0/src/photos-search-type-manager.h
Examining data/gnome-photos-3.38.0/src/photos-search-type.c
Examining data/gnome-photos-3.38.0/src/photos-search-type.h
Examining data/gnome-photos-3.38.0/src/photos-searchbar.c
Examining data/gnome-photos-3.38.0/src/photos-searchbar.h
Examining data/gnome-photos-3.38.0/src/photos-selection-controller.c
Examining data/gnome-photos-3.38.0/src/photos-selection-controller.h
Examining data/gnome-photos-3.38.0/src/photos-selection-toolbar.c
Examining data/gnome-photos-3.38.0/src/photos-selection-toolbar.h
Examining data/gnome-photos-3.38.0/src/photos-set-collection-job.c
Examining data/gnome-photos-3.38.0/src/photos-set-collection-job.h
Examining data/gnome-photos-3.38.0/src/photos-share-dialog.c
Examining data/gnome-photos-3.38.0/src/photos-share-dialog.h
Examining data/gnome-photos-3.38.0/src/photos-share-notification.c
Examining data/gnome-photos-3.38.0/src/photos-share-notification.h
Examining data/gnome-photos-3.38.0/src/photos-share-point-email.c
Examining data/gnome-photos-3.38.0/src/photos-share-point-email.h
Examining data/gnome-photos-3.38.0/src/photos-share-point-google.c
Examining data/gnome-photos-3.38.0/src/photos-share-point-google.h
Examining data/gnome-photos-3.38.0/src/photos-share-point-manager.c
Examining data/gnome-photos-3.38.0/src/photos-share-point-manager.h
Examining data/gnome-photos-3.38.0/src/photos-share-point-online.c
Examining data/gnome-photos-3.38.0/src/photos-share-point-online.h
Examining data/gnome-photos-3.38.0/src/photos-share-point.c
Examining data/gnome-photos-3.38.0/src/photos-share-point.h
Examining data/gnome-photos-3.38.0/src/photos-single-item-job.c
Examining data/gnome-photos-3.38.0/src/photos-single-item-job.h
Examining data/gnome-photos-3.38.0/src/photos-source-manager.c
Examining data/gnome-photos-3.38.0/src/photos-source-manager.h
Examining data/gnome-photos-3.38.0/src/photos-source-notification.c
Examining data/gnome-photos-3.38.0/src/photos-source-notification.h
Examining data/gnome-photos-3.38.0/src/photos-source.c
Examining data/gnome-photos-3.38.0/src/photos-source.h
Examining data/gnome-photos-3.38.0/src/photos-spinner-box.c
Examining data/gnome-photos-3.38.0/src/photos-spinner-box.h
Examining data/gnome-photos-3.38.0/src/photos-thumbnail-factory.c
Examining data/gnome-photos-3.38.0/src/photos-thumbnail-factory.h
Examining data/gnome-photos-3.38.0/src/photos-thumbnailer-main.c
Examining data/gnome-photos-3.38.0/src/photos-thumbnailer.c
Examining data/gnome-photos-3.38.0/src/photos-thumbnailer.h
Examining data/gnome-photos-3.38.0/src/photos-tool-colors.c
Examining data/gnome-photos-3.38.0/src/photos-tool-colors.h
Examining data/gnome-photos-3.38.0/src/photos-tool-crop-helper.c
Examining data/gnome-photos-3.38.0/src/photos-tool-crop-helper.h
Examining data/gnome-photos-3.38.0/src/photos-tool-crop.c
Examining data/gnome-photos-3.38.0/src/photos-tool-crop.h
Examining data/gnome-photos-3.38.0/src/photos-tool-enhance.c
Examining data/gnome-photos-3.38.0/src/photos-tool-enhance.h
Examining data/gnome-photos-3.38.0/src/photos-tool-filter-button.c
Examining data/gnome-photos-3.38.0/src/photos-tool-filter-button.h
Examining data/gnome-photos-3.38.0/src/photos-tool-filters.c
Examining data/gnome-photos-3.38.0/src/photos-tool-filters.h
Examining data/gnome-photos-3.38.0/src/photos-tool.c
Examining data/gnome-photos-3.38.0/src/photos-tool.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-change-event.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-change-event.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-change-monitor.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-collection-view-controller.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-collection-view-controller.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-collections-controller.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-collections-controller.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-controller.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-controller.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-favorites-controller.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-favorites-controller.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-import-controller.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-overview-controller.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-overview-controller.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-queue.h
Examining data/gnome-photos-3.38.0/src/photos-tracker-search-controller.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-search-controller.h
Examining data/gnome-photos-3.38.0/src/photos-update-mtime-job.c
Examining data/gnome-photos-3.38.0/src/photos-update-mtime-job.h
Examining data/gnome-photos-3.38.0/src/photos-utils.c
Examining data/gnome-photos-3.38.0/src/photos-utils.h
Examining data/gnome-photos-3.38.0/src/photos-view-container.c
Examining data/gnome-photos-3.38.0/src/photos-view-container.h
Examining data/gnome-photos-3.38.0/src/photos-zoom-controls.c
Examining data/gnome-photos-3.38.0/src/photos-zoom-controls.h
Examining data/gnome-photos-3.38.0/src/photos-application.c
Examining data/gnome-photos-3.38.0/src/photos-indexing-notification.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-change-monitor.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-import-controller.c
Examining data/gnome-photos-3.38.0/src/photos-tracker-queue.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-icon-utils.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-icon-utils.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-box-child.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-box-child.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-box-generic.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-box-generic.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-box-item.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-box-item.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-box.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-box.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-icon-box-child.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-icon-box-child.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-icon-box-icon.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-icon-box-icon.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-icon-box.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-icon-box.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-icon-view.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-icon-view.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-list-view.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-list-view.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-view-generic.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-view-generic.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-view.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-view.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-margin-container.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-margin-container.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-notification.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-notification.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-styled-text-renderer.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-styled-text-renderer.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-tagged-entry.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-tagged-entry.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-toggle-pixbuf-renderer.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-toggle-pixbuf-renderer.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-two-lines-renderer.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-two-lines-renderer.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-types-catalog.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-types-catalog.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd.h
Examining data/gnome-photos-3.38.0/subprojects/libgd/test-tagged-entry-2.c
Examining data/gnome-photos-3.38.0/subprojects/libgd/test-tagged-entry.c
Examining data/gnome-photos-3.38.0/tests/unit/photos-test-gegl.c
Examining data/gnome-photos-3.38.0/tests/unit/photos-test-pipeline.c
FINAL RESULTS:
data/gnome-photos-3.38.0/src/photos-thumbnail-factory.c:258:13: [3] (buffer) g_get_tmp_dir:
This function is synonymous with 'getenv("TMP")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
tmp_dir = g_get_tmp_dir ();
data/gnome-photos-3.38.0/src/photos-base-item.c:4035:38: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
PHOTOS_BASE_ITEM_GET_CLASS (self)->open (self, parent, timestamp);
data/gnome-photos-3.38.0/src/photos-base-item.h:71:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void (*open) (PhotosBaseItem *self, GtkWindow *parent, guint32 timestamp);
data/gnome-photos-3.38.0/src/photos-export-notification.c:367:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
GtkWidget *open;
data/gnome-photos-3.38.0/src/photos-export-notification.c:370:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gtk_widget_set_valign (open, GTK_ALIGN_CENTER);
data/gnome-photos-3.38.0/src/photos-export-notification.c:371:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gtk_widget_set_halign (open, GTK_ALIGN_CENTER);
data/gnome-photos-3.38.0/src/photos-export-notification.c:372:52: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gtk_container_add (GTK_CONTAINER (self), open);
data/gnome-photos-3.38.0/src/photos-export-notification.c:373:37: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
g_signal_connect_swapped (open, "clicked", G_CALLBACK (photos_export_notification_open), self);
data/gnome-photos-3.38.0/src/photos-operation-png-guess-sizes.c:84:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (format_string, "R'G'B'A ");
data/gnome-photos-3.38.0/src/photos-operation-png-guess-sizes.c:89:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (format_string, "Y'A ");
data/gnome-photos-3.38.0/src/photos-operation-png-guess-sizes.c:97:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (format_string, "R'G'B' ");
data/gnome-photos-3.38.0/src/photos-operation-png-guess-sizes.c:102:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (format_string, "Y' ");
data/gnome-photos-3.38.0/src/photos-operation-png-guess-sizes.c:107:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (format_string, "u16");
data/gnome-photos-3.38.0/src/photos-operation-png-guess-sizes.c:109:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (format_string, "u8");
data/gnome-photos-3.38.0/src/photos-share-notification.c:158:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
GtkWidget *open;
data/gnome-photos-3.38.0/src/photos-share-notification.c:168:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gtk_widget_set_valign (open, GTK_ALIGN_CENTER);
data/gnome-photos-3.38.0/src/photos-share-notification.c:169:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gtk_widget_set_halign (open, GTK_ALIGN_CENTER);
data/gnome-photos-3.38.0/src/photos-share-notification.c:170:48: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gtk_container_add (GTK_CONTAINER (self), open);
data/gnome-photos-3.38.0/src/photos-share-notification.c:171:33: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
g_signal_connect_swapped (open, "clicked", G_CALLBACK (photos_share_notification_open), self);
data/gnome-photos-3.38.0/src/photos-facebook-item.c:68:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen (facebook_prefix);
data/gnome-photos-3.38.0/src/photos-facebook-item.c:127:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen (facebook_prefix);
data/gnome-photos-3.38.0/src/photos-flickr-item.c:173:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen (flickr_prefix);
data/gnome-photos-3.38.0/src/photos-flickr-item.c:175:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (identifier) <= prefix_len || !g_str_has_prefix (identifier, flickr_prefix))
data/gnome-photos-3.38.0/src/photos-flickr-item.c:186:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen (resource_prefix);
data/gnome-photos-3.38.0/src/photos-flickr-item.c:188:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (resource_urn) <= prefix_len || !g_str_has_prefix (resource_urn, resource_prefix))
data/gnome-photos-3.38.0/src/photos-flickr-item.c:334:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
identifier = photos_base_item_get_identifier (item) + strlen ("flickr:");
data/gnome-photos-3.38.0/src/photos-google-item.c:120:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
identifier = photos_base_item_get_identifier (item) + strlen ("google:picasaweb:");
data/gnome-photos-3.38.0/src/photos-pipeline.c:717:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (xml);
data/gnome-photos-3.38.0/src/photos-utils.c:1052:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (extensions[i]) <= 3)
data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-view.c:329:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
gboolean equal;
data/gnome-photos-3.38.0/subprojects/libgd/libgd/gd-main-view.c:355:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal)
ANALYSIS SUMMARY:
Hits = 31
Lines analyzed = 77524 in approximately 1.52 seconds (51147 lines/second)
Physical Source Lines of Code (SLOC) = 54048
Hits@level = [0] 1 [1] 12 [2] 18 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 32 [1+] 31 [2+] 19 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 0.592066 [1+] 0.573564 [2+] 0.351539 [3+] 0.0185021 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.