stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gtksourceview3-3.24.11/testsuite/test-stylescheme.c
Examining data/gtksourceview3-3.24.11/testsuite/test-view.c
Examining data/gtksourceview3-3.24.11/testsuite/test-completion-words.c
Examining data/gtksourceview3-3.24.11/testsuite/test-file-saver.c
Examining data/gtksourceview3-3.24.11/testsuite/test-undo-manager.c
Examining data/gtksourceview3-3.24.11/testsuite/test-regex.c
Examining data/gtksourceview3-3.24.11/testsuite/test-mark.c
Examining data/gtksourceview3-3.24.11/testsuite/test-styleschememanager.c
Examining data/gtksourceview3-3.24.11/testsuite/test-buffer-input-stream.c
Examining data/gtksourceview3-3.24.11/testsuite/test-buffer-output-stream.c
Examining data/gtksourceview3-3.24.11/testsuite/test-region.c
Examining data/gtksourceview3-3.24.11/testsuite/test-printcompositor.c
Examining data/gtksourceview3-3.24.11/testsuite/test-file-loader.c
Examining data/gtksourceview3-3.24.11/testsuite/test-encoding.c
Examining data/gtksourceview3-3.24.11/testsuite/test-utils.c
Examining data/gtksourceview3-3.24.11/testsuite/test-language.c
Examining data/gtksourceview3-3.24.11/testsuite/test-search-context.c
Examining data/gtksourceview3-3.24.11/testsuite/test-completion-model.c
Examining data/gtksourceview3-3.24.11/testsuite/test-iter.c
Examining data/gtksourceview3-3.24.11/testsuite/test-space-drawer.c
Examining data/gtksourceview3-3.24.11/testsuite/test-languagemanager.c
Examining data/gtksourceview3-3.24.11/testsuite/test-buffer.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceutils.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionproposal.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletioninfo.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionprovider.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcetag.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrendererpixbuf.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyleschemechooser.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceengine.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletion.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrendererpixbuf.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferoutputstream.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceundomanagerdefault.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceversion.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestylescheme.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceprintcompositor.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceutils.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceautocleanups.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceiter.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceregion.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcemark.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionitem.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcefilesaver.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyleschemechooserbutton.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceview-utils.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrenderer.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletioncontext.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguagemanager.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionmodel.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceengine.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcetag.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcepixbufhelper.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchsettings.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceregion.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceview.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchsettings.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguage.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrenderer.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrendererlines.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcebuffer.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gconstructor.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyleschemechooserwidget.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcebuffer-private.h
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordslibrary.h
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwords.c
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordslibrary.c
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordsproposal.c
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwords.h
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordsproposal.h
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordsutils.c
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordsutils.h
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordsbuffer.h
Examining data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordsbuffer.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceview-init.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrenderertext.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletion-private.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrenderermarks.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceregex.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletioncontainer.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcefileloader.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutter.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinternal.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionproposal.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceiter.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletioncontext.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletion.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinternal.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchcontext.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguage-parser-1.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecontextengine.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutter-private.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguagemanager.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferoutputstream.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcetypes.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcefile.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyle-private.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrenderermarks.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceundomanagerdefault.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyle.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcebuffer.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestylescheme.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceundomanager.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcefile.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrenderer-private.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrendererlines.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguage.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcemarkattributes.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcefileloader.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyleschemechooserbutton.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyleschememanager.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyleschemechooser.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutterrenderertext.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcemarkattributes.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcemark.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguage-parser-2.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionmodel.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceprintcompositor.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceencoding.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyleschememanager.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguage-private.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcetypes-private.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcemarkssequence.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyle.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecontextengine.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcepixbufhelper.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcegutter.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionitem.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcespacedrawer.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceview-i18n.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionprovider.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceview-utils.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcemap.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletioninfo.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcespacedrawer.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceencoding.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcefilesaver.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceundomanager.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceview-typebuiltins.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletioncontainer.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceregex.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceview.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcespacedrawer-private.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceencoding-private.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcemap.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourceview-i18n.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyleschemechooserwidget.h
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcemarkssequence.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchcontext.c
Examining data/gtksourceview3-3.24.11/gtksourceview/gtksource.h
Examining data/gtksourceview3-3.24.11/tests/syntax-highlighting/file.c
Examining data/gtksourceview3-3.24.11/tests/syntax-highlighting/file.cc
Examining data/gtksourceview3-3.24.11/tests/syntax-highlighting/file.h
Examining data/gtksourceview3-3.24.11/tests/test-undo-manager-performances.c
Examining data/gtksourceview3-3.24.11/tests/test-widget.c
Examining data/gtksourceview3-3.24.11/tests/test-space-drawing.c
Examining data/gtksourceview3-3.24.11/tests/test-search-performances.c
Examining data/gtksourceview3-3.24.11/tests/test-completion.c
Examining data/gtksourceview3-3.24.11/tests/test-search.c
Examining data/gtksourceview3-3.24.11/win32/vs10/math.h
Examining data/gtksourceview3-3.24.11/win32/vs11/math.h
Examining data/gtksourceview3-3.24.11/win32/vs9/math.h

FINAL RESULTS:

data/gtksourceview3-3.24.11/gtksourceview/gtksourceview-utils.c:54:10:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
		home = g_get_home_dir ();
data/gtksourceview3-3.24.11/tests/test-completion.c:85:7:  [3] (random) g_random_boolean:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
		if (g_random_boolean ())
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:274:40:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	default_local_uri = g_build_filename (g_get_tmp_dir (),
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:286:40:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	default_local_uri = g_build_filename (g_get_tmp_dir (),
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:429:40:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	default_local_uri = g_build_filename (g_get_tmp_dir (),
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:445:40:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	unowned_local_uri = g_build_filename (g_get_tmp_dir (),
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:527:46:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	unowned_group_local_uri = g_build_filename (g_get_tmp_dir (),
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:558:46:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	unowned_local_directory = g_build_filename (g_get_tmp_dir (),
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:591:40:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	unowned_local_uri = g_build_filename (g_get_tmp_dir (),
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:637:46:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	unowned_group_local_uri = g_build_filename (g_get_tmp_dir (),
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:200:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy (outbuf, buf, written);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:210:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy (outbuf, buf, bytes);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:215:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (outbuf + bytes, newline, newline_size);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:304:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy ((gchar *)buffer + read, newline, newline_size);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferoutputstream.c:673:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy (free_text, buffer, len);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferoutputstream.c:968:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy (text, ostream->priv->buffer, ostream->priv->buflen);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferoutputstream.c:969:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy (text + ostream->priv->buflen, buffer, count);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferoutputstream.c:1015:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (text2, ostream->priv->iconv_buffer, ostream->priv->iconv_buflen);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferoutputstream.c:1016:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy (text2 + ostream->priv->iconv_buflen, text, len);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcecontextengine.c:6340:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[10];
data/gtksourceview3-3.24.11/gtksourceview/gtksourcestyleschememanager.c:500:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (new_search_path + 1, manager->priv->search_path, (len + 1) * sizeof (gchar*));
data/gtksourceview3-3.24.11/testsuite/test-buffer-output-stream.c:209:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy (out + *bytes_written_aux, out_aux, bytes_written);
data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwords.c:257:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	words->priv->word_len = strlen (word);
data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordslibrary.c:130:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen (word);
data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordslibrary.c:163:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen (word);
data/gtksourceview3-3.24.11/gtksourceview/completion-providers/words/gtksourcecompletionwordsutils.c:140:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	gchar *cur_char = text + strlen (text);
data/gtksourceview3-3.24.11/gtksourceview/gconstructor.h:60:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  __pragma(section(".CRT$XCU",read)) \
data/gtksourceview3-3.24.11/gtksourceview/gconstructor.h:68:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  __pragma(section(".CRT$XCU",read)) \
data/gtksourceview3-3.24.11/gtksourceview/gconstructor.h:80:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  section(".CRT$XCU",read)
data/gtksourceview3-3.24.11/gtksourceview/gconstructor.h:87:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  section(".CRT$XCU",read)
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebuffer.c:2379:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	const gsize prefix_len = strlen (CONTEXT_CLASSES_PREFIX);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:113:38:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	gsize bytes_to_write, newline_size, read;
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:228:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	return read;
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:240:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	gssize space_left, read, n;
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:278:44:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		n = read_line (stream, (gchar *)buffer + read, space_left);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:304:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			memcpy ((gchar *)buffer + read, newline, newline_size);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcebufferinputstream.c:311:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	return read;
data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionproposal.c:320:66:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	return GTK_SOURCE_COMPLETION_PROPOSAL_GET_INTERFACE (proposal)->equal (proposal, other);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcecompletionproposal.h:88:14:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	gboolean	 (*equal)		(GtkSourceCompletionProposal *proposal,
data/gtksourceview3-3.24.11/gtksourceview/gtksourcecontextengine.c:4545:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		line->byte_length = strlen (line->text);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguage-parser-1.c:62:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			g_string_append_len (str, pattern, strlen(pattern) - 2);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguage-parser-1.c:72:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		return g_strndup (pattern, strlen (pattern) - 2);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcelanguage-parser-2.c:617:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			ref_id [strlen (ref_id) - 2] = '\0';
data/gtksourceview3-3.24.11/gtksourceview/gtksourceprintcompositor.c:1906:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	eval = g_string_new_len (NULL, strlen (format));
data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchcontext.c:590:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*start_pos = strlen (text);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchcontext.c:729:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		subject_length = strlen (subject);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchcontext.c:1885:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	subject_length = strlen (subject);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchcontext.c:2566:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen (text);
data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchcontext.c:3784:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	subject_replaced[strlen (subject_replaced) - strlen (suffix)] = '\0';
data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchcontext.c:3784:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	subject_replaced[strlen (subject_replaced) - strlen (suffix)] = '\0';
data/gtksourceview3-3.24.11/gtksourceview/gtksourcesearchcontext.c:3785:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	g_return_val_if_fail (strlen (subject_replaced) >= (guint)start_pos, FALSE);
data/gtksourceview3-3.24.11/gtksourceview/gtksourceundomanagerdefault.c:586:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	pos = g_utf8_find_prev_char (text, text + strlen (text));
data/gtksourceview3-3.24.11/gtksourceview/gtksourceutils.c:69:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	length = strlen (text);
data/gtksourceview3-3.24.11/gtksourceview/gtksourceutils.c:167:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	length = strlen (text);
data/gtksourceview3-3.24.11/gtksourceview/gtksourceview.c:4086:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			gtk_text_buffer_insert (buf, &cur, indent, strlen (indent));
data/gtksourceview3-3.24.11/gtksourceview/gtksourceview.c:4344:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						strlen (string));
data/gtksourceview3-3.24.11/tests/test-widget.c:103:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					     strlen (text),
data/gtksourceview3-3.24.11/tests/test-widget.c:158:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		lang_string += strlen (LANG_STRING);
data/gtksourceview3-3.24.11/testsuite/test-buffer-input-stream.c:48:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	outlen = strlen (outbuf);
data/gtksourceview3-3.24.11/testsuite/test-buffer-output-stream.c:53:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = MIN (write_chunk_len, strlen (inbuf + n));
data/gtksourceview3-3.24.11/testsuite/test-buffer-output-stream.c:195:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		nread = strlen (text);
data/gtksourceview3-3.24.11/testsuite/test-buffer-output-stream.c:308:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	aux = do_test (TEXT_TO_CONVERT, "UTF-8", NULL, strlen (TEXT_TO_CONVERT), strlen (TEXT_TO_CONVERT), NULL);
data/gtksourceview3-3.24.11/testsuite/test-buffer-output-stream.c:308:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	aux = do_test (TEXT_TO_CONVERT, "UTF-8", NULL, strlen (TEXT_TO_CONVERT), strlen (TEXT_TO_CONVERT), NULL);
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:68:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	gsize read;
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:74:65:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	g_input_stream_read_all (stream, buffer, sizeof (buffer) - 1, &read, NULL, &error);
data/gtksourceview3-3.24.11/testsuite/test-file-saver.c:77:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	buffer[read] = '\0';

ANALYSIS SUMMARY:

Hits = 66
Lines analyzed = 78684 in approximately 1.85 seconds (42644 lines/second)
Physical Source Lines of Code (SLOC) = 51438
Hits@level = [0]   1 [1]  44 [2]  12 [3]  10 [4]   0 [5]   0
Hits@level+ = [0+]  67 [1+]  66 [2+]  22 [3+]  10 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 1.30254 [1+] 1.2831 [2+] 0.427699 [3+] 0.194409 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.