Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/j4-dmenu-desktop-2.16/src/Test.cc
Examining data/j4-dmenu-desktop-2.16/src/TestApplication.cc
Examining data/j4-dmenu-desktop-2.16/src/TestApplicationRunner.cc
Examining data/j4-dmenu-desktop-2.16/src/TestFileFinder.cc
Examining data/j4-dmenu-desktop-2.16/src/TestFormatters.cc
Examining data/j4-dmenu-desktop-2.16/src/TestLocaleSuffixes.cc
Examining data/j4-dmenu-desktop-2.16/src/main.cc
Examining data/j4-dmenu-desktop-2.16/src/TestSearchPath.cc
FINAL RESULTS:
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:16:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( !app.read("some-file-that-doesnt-exist", NULL, 0) );
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:27:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app.read(path.c_str(), &buffer, &size) );
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:43:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app.read(path.c_str(), &buffer, &size) );
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:59:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app.read(path.c_str(), &buffer, &size) );
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:76:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app.read(path.c_str(), &buffer, &size) );
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:93:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app.read(path.c_str(), &buffer, &size) );
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:108:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE(!app.read(path.c_str(), &buffer, &size) );
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:123:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app.read(path.c_str(), &buffer, &size) );
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:143:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app.read(path.c_str(), &buffer, &size));
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:151:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE(!app2.read(path.c_str(), &buffer, &size));
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:170:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE(!app.read(path.c_str(), &buffer, &size));
data/j4-dmenu-desktop-2.16/src/TestApplication.cc:178:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app2.read(path.c_str(), &buffer, &size));
data/j4-dmenu-desktop-2.16/src/TestFormatters.cc:23:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app.read(path.c_str(), &buffer, &size) );
data/j4-dmenu-desktop-2.16/src/TestFormatters.cc:37:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE( app.read(path.c_str(), &buffer, &size) );
ANALYSIS SUMMARY:
Hits = 14
Lines analyzed = 331 in approximately 0.03 seconds (9562 lines/second)
Physical Source Lines of Code (SLOC) = 259
Hits@level = [0] 0 [1] 14 [2] 0 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 14 [1+] 14 [2+] 0 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 54.0541 [1+] 54.0541 [2+] 0 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.