Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libxkbfile-1.1.0/src/XKBfileInt.h
Examining data/libxkbfile-1.1.0/src/xkmout.c
Examining data/libxkbfile-1.1.0/src/xkmread.c
Examining data/libxkbfile-1.1.0/src/maprules.c
Examining data/libxkbfile-1.1.0/src/xkberrs.c
Examining data/libxkbfile-1.1.0/src/xkbmisc.c
Examining data/libxkbfile-1.1.0/src/xkbtext.c
Examining data/libxkbfile-1.1.0/src/xkbdraw.c
Examining data/libxkbfile-1.1.0/src/xkbout.c
Examining data/libxkbfile-1.1.0/src/cout.c
Examining data/libxkbfile-1.1.0/src/xkbconfig.c
Examining data/libxkbfile-1.1.0/src/srvmisc.c
Examining data/libxkbfile-1.1.0/src/xkbatom.c
Examining data/libxkbfile-1.1.0/src/xkbbells.c
Examining data/libxkbfile-1.1.0/include/X11/extensions/XKBfile.h
Examining data/libxkbfile-1.1.0/include/X11/extensions/XKMformat.h
Examining data/libxkbfile-1.1.0/include/X11/extensions/XKBrules.h
Examining data/libxkbfile-1.1.0/include/X11/extensions/XKBbells.h
Examining data/libxkbfile-1.1.0/include/X11/extensions/XKM.h
Examining data/libxkbfile-1.1.0/include/X11/extensions/XKBconfig.h

FINAL RESULTS:

data/libxkbfile-1.1.0/src/cout.c:1083:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hdrdef, tmp);
data/libxkbfile-1.1.0/src/maprules.c:56:22: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define PR_DEBUG(s) fprintf(stderr,s)
data/libxkbfile-1.1.0/src/maprules.c:57:25: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define PR_DEBUG1(s,a) fprintf(stderr,s,a)
data/libxkbfile-1.1.0/src/maprules.c:58:26: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define PR_DEBUG2(s,a,b) fprintf(stderr,s,a,b)
data/libxkbfile-1.1.0/src/maprules.c:528:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str1, str2);
data/libxkbfile-1.1.0/src/maprules.c:870:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outstr, mdefs->layout[ndx]);
data/libxkbfile-1.1.0/src/maprules.c:878:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outstr, mdefs->model);
data/libxkbfile-1.1.0/src/maprules.c:887:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outstr, mdefs->variant[ndx]);
data/libxkbfile-1.1.0/src/maprules.c:1040:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, base);
data/libxkbfile-1.1.0/src/maprules.c:1045:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, base);
data/libxkbfile-1.1.0/src/maprules.c:1490:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&pval[out], rules_file);
data/libxkbfile-1.1.0/src/maprules.c:1495:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&pval[out], var_defs->model);
data/libxkbfile-1.1.0/src/maprules.c:1500:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&pval[out], var_defs->layout);
data/libxkbfile-1.1.0/src/maprules.c:1505:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&pval[out], var_defs->variant);
data/libxkbfile-1.1.0/src/maprules.c:1510:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&pval[out], var_defs->options);
data/libxkbfile-1.1.0/src/xkbconfig.c:1344:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(file, msg, line);
data/libxkbfile-1.1.0/src/xkbtext.c:189:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%sMask", tmp);
data/libxkbfile-1.1.0/src/xkbtext.c:191:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, tmp);
data/libxkbfile-1.1.0/src/xkbtext.c:214:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(rtrn, mm);
data/libxkbfile-1.1.0/src/xkbtext.c:252:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, modNames[ndx]);
data/libxkbfile-1.1.0/src/xkbtext.c:259:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(rtrn, buf);
data/libxkbfile-1.1.0/src/xkbtext.c:293:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, modNames[i]);
data/libxkbfile-1.1.0/src/xkbtext.c:303:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(rtrn, buf);
data/libxkbfile-1.1.0/src/xkbtext.c:552:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, tmp);
data/libxkbfile-1.1.0/src/xkbtext.c:564:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, tmp);
data/libxkbfile-1.1.0/src/xkbtext.c:599:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&buf[len], prefix);
data/libxkbfile-1.1.0/src/xkbtext.c:602:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&buf[len], nknNames[i]);
data/libxkbfile-1.1.0/src/xkbtext.c:605:17: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&buf[len], suffix);
data/libxkbfile-1.1.0/src/xkbtext.c:662:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(&buf[len], "Xkb%sMask", ctrlNames[i]);
data/libxkbfile-1.1.0/src/xkbtext.c:668:17: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(&buf[len], "%s", ctrlNames[i]);
data/libxkbfile-1.1.0/src/xkbtext.c:861:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(to, from);
data/libxkbfile-1.1.0/src/xkbtext.c:1450:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp, buf);
data/libxkbfile-1.1.0/src/xkbtext.c:1514:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp, buf);
data/libxkbfile-1.1.0/include/X11/extensions/XKMformat.h:220:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char over[XkbKeyNameLength];
data/libxkbfile-1.1.0/include/X11/extensions/XKMformat.h:221:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char under[XkbKeyNameLength];
data/libxkbfile-1.1.0/src/cout.c:76:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8];
data/libxkbfile-1.1.0/src/maprules.c:73:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[DFLT_LINE_SIZE];
data/libxkbfile-1.1.0/src/maprules.c:105:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(line->line, line->buf, line->sz_line);
data/libxkbfile-1.1.0/src/maprules.c:225:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *cname[MAX_WORDS] = {
data/libxkbfile-1.1.0/src/maprules.c:240:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *name[MAX_WORDS];
data/libxkbfile-1.1.0/src/maprules.c:246:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *layout[XkbNumKbdGroups + 1];
data/libxkbfile-1.1.0/src/maprules.c:247:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *variant[XkbNumKbdGroups + 1];
data/libxkbfile-1.1.0/src/maprules.c:258:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ndx_buf[NDX_BUFF_SIZE];
data/libxkbfile-1.1.0/src/maprules.c:278:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *ndx = atoi(ndx_buf);
data/libxkbfile-1.1.0/src/maprules.c:1027:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[PATH_MAX];
data/libxkbfile-1.1.0/src/maprules.c:1043:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(buf, "r");
data/libxkbfile-1.1.0/src/maprules.c:1046:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(buf, "r");
data/libxkbfile-1.1.0/src/maprules.c:1232:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[PATH_MAX];
data/libxkbfile-1.1.0/src/maprules.c:1248:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(buf, "r");
data/libxkbfile-1.1.0/src/maprules.c:1252:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(buf, "r");
data/libxkbfile-1.1.0/src/xkbbells.c:34:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *_xkbStdBellNames[XkbBI_NumBells] = {
data/libxkbfile-1.1.0/src/xkbconfig.c:54:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char _XkbCF_rtrn[XKBCF_MAX_STR_LEN + 1];
data/libxkbfile-1.1.0/src/xkbconfig.c:1142:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pNew, fields, sizeof(XkbConfigFieldsRec));
data/libxkbfile-1.1.0/src/xkbconfig.c:1146:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fields->fields, pNew->fields,
data/libxkbfile-1.1.0/src/xkbout.c:578:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[5];
data/libxkbfile-1.1.0/src/xkbout.c:580:25: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, xkb->names->keys[i].name, 4);
data/libxkbfile-1.1.0/src/xkbtext.c:52:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char textBuffer[BUFFER_SIZE];
data/libxkbfile-1.1.0/src/xkbtext.c:152:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *str, buf[BUFFER_SIZE];
data/libxkbfile-1.1.0/src/xkbtext.c:232:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *modNames[XkbNumModifiers] = {
data/libxkbfile-1.1.0/src/xkbtext.c:240:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/libxkbfile-1.1.0/src/xkbtext.c:254:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "none");
data/libxkbfile-1.1.0/src/xkbtext.c:267:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[64], *rtrn;
data/libxkbfile-1.1.0/src/xkbtext.c:271:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "0xff");
data/libxkbfile-1.1.0/src/xkbtext.c:273:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "all");
data/libxkbfile-1.1.0/src/xkbtext.c:279:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "none");
data/libxkbfile-1.1.0/src/xkbtext.c:296:21: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(str, "Mask");
data/libxkbfile-1.1.0/src/xkbtext.c:319:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "Semantics");
data/libxkbfile-1.1.0/src/xkbtext.c:322:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "Layout");
data/libxkbfile-1.1.0/src/xkbtext.c:325:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "Keymap");
data/libxkbfile-1.1.0/src/xkbtext.c:329:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "Geometry");
data/libxkbfile-1.1.0/src/xkbtext.c:332:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "Types");
data/libxkbfile-1.1.0/src/xkbtext.c:335:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "CompatMap");
data/libxkbfile-1.1.0/src/xkbtext.c:338:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "Symbols");
data/libxkbfile-1.1.0/src/xkbtext.c:341:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "Indicators");
data/libxkbfile-1.1.0/src/xkbtext.c:344:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "KeyNames");
data/libxkbfile-1.1.0/src/xkbtext.c:347:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "VirtualMods");
data/libxkbfile-1.1.0/src/xkbtext.c:361:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[32], *rtrn;
data/libxkbfile-1.1.0/src/xkbtext.c:364:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(rtrn = buf, "NoSymbol");
data/libxkbfile-1.1.0/src/xkbtext.c:383:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, name, 4);
data/libxkbfile-1.1.0/src/xkbtext.c:391:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&buf[1], name, 4);
data/libxkbfile-1.1.0/src/xkbtext.c:402:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *siMatchText[5] = {
data/libxkbfile-1.1.0/src/xkbtext.c:409:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[40];
data/libxkbfile-1.1.0/src/xkbtext.c:642:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "none");
data/libxkbfile-1.1.0/src/xkbtext.c:736:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(out, "%o", *in);
data/libxkbfile-1.1.0/src/xkbtext.c:787:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "XkbOutlineDoodad");
data/libxkbfile-1.1.0/src/xkbtext.c:789:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "XkbSolidDoodad");
data/libxkbfile-1.1.0/src/xkbtext.c:791:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "XkbTextDoodad");
data/libxkbfile-1.1.0/src/xkbtext.c:793:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "XkbIndicatorDoodad");
data/libxkbfile-1.1.0/src/xkbtext.c:795:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "XkbLogoDoodad");
data/libxkbfile-1.1.0/src/xkbtext.c:803:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "outline");
data/libxkbfile-1.1.0/src/xkbtext.c:805:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "solid");
data/libxkbfile-1.1.0/src/xkbtext.c:807:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "text");
data/libxkbfile-1.1.0/src/xkbtext.c:809:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "indicator");
data/libxkbfile-1.1.0/src/xkbtext.c:811:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "logo");
data/libxkbfile-1.1.0/src/xkbtext.c:818:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *actionTypeNames[XkbSA_NumActions] = {
data/libxkbfile-1.1.0/src/xkbtext.c:836:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:926:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:953:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:980:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:1020:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:1040:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[64];
data/libxkbfile-1.1.0/src/xkbtext.c:1124:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:1146:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:1248:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:1283:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32], *tmp;
data/libxkbfile-1.1.0/src/xkbtext.c:1332:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:1370:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/libxkbfile-1.1.0/src/xkbtext.c:1427:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ACTION_SZ], *tmp;
data/libxkbfile-1.1.0/src/xkbtext.c:1457:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], *tmp;
data/libxkbfile-1.1.0/src/xkbtext.c:1501:24: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char tbuf[8];
data/libxkbfile-1.1.0/src/xkbtext.c:1523:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[32];
data/libxkbfile-1.1.0/src/xkmout.c:576:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *typeName[XkbNumKbdGroups];
data/libxkbfile-1.1.0/src/xkmout.c:984:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(keyWire.over, key->over.name, XkbKeyNameLength);
data/libxkbfile-1.1.0/src/xkmout.c:985:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(keyWire.under, key->under.name, XkbKeyNameLength);
data/libxkbfile-1.1.0/src/xkmout.c:1031:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(keyWire.name, key->name.name, XkbKeyNameLength);
data/libxkbfile-1.1.0/src/xkmread.c:190:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[100];
data/libxkbfile-1.1.0/src/xkmread.c:211:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[100];
data/libxkbfile-1.1.0/src/xkmread.c:285:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/libxkbfile-1.1.0/src/xkmread.c:423:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[100]; data/libxkbfile-1.1.0/src/xkmread.c:505:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/libxkbfile-1.1.0/src/xkmread.c:594:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/libxkbfile-1.1.0/src/xkmread.c:763:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/libxkbfile-1.1.0/src/xkmread.c:817:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/libxkbfile-1.1.0/src/xkmread.c:847:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(row->keys[k].over.name, keyWire.over, XkbKeyNameLength); data/libxkbfile-1.1.0/src/xkmread.c:848:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(row->keys[k].under.name, keyWire.under, XkbKeyNameLength); data/libxkbfile-1.1.0/src/xkmread.c:863:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/libxkbfile-1.1.0/src/xkmread.c:909:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(key->name.name, keyWire.name, XkbKeyNameLength); data/libxkbfile-1.1.0/src/xkmread.c:939:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/libxkbfile-1.1.0/src/xkmread.c:967:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[1024]; data/libxkbfile-1.1.0/src/xkmread.c:1210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[100]; data/libxkbfile-1.1.0/src/cout.c:1081:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
hdrdef = (char *) _XkbCalloc(strlen(tmp) + 1, sizeof(char)); data/libxkbfile-1.1.0/src/maprules.c:122:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #undef getc data/libxkbfile-1.1.0/src/maprules.c:123:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #define getc(x) getc_unlocked(x) data/libxkbfile-1.1.0/src/maprules.c:139:23: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (((ch = getc(file)) != '\n') && (ch != EOF)) { data/libxkbfile-1.1.0/src/maprules.c:141:27: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((ch = getc(file)) == EOF) data/libxkbfile-1.1.0/src/maprules.c:171:26: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = getc(file); data/libxkbfile-1.1.0/src/maprules.c:276:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ndx_buf, str, end - str); data/libxkbfile-1.1.0/src/maprules.c:308:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cname[i]); data/libxkbfile-1.1.0/src/maprules.c:310:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(tok) > len) { data/libxkbfile-1.1.0/src/maprules.c:393:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int want_len = strlen(wanted); data/libxkbfile-1.1.0/src/maprules.c:404:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/libxkbfile-1.1.0/src/maprules.c:525:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str1) + strlen(str2) + 1; data/libxkbfile-1.1.0/src/maprules.c:525:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str1) + strlen(str2) + 1; data/libxkbfile-1.1.0/src/maprules.c:665:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0, p = group->words; i < group->number; i++, p += strlen(p) + 1) { data/libxkbfile-1.1.0/src/maprules.c:812:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/libxkbfile-1.1.0/src/maprules.c:832:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(mdefs->layout[ndx]) + extra_len; data/libxkbfile-1.1.0/src/maprules.c:834:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(mdefs->model) + extra_len; data/libxkbfile-1.1.0/src/maprules.c:836:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len += strlen(mdefs->variant[ndx]) + extra_len; data/libxkbfile-1.1.0/src/maprules.c:871:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outstr += strlen(mdefs->layout[ndx]); data/libxkbfile-1.1.0/src/maprules.c:879:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outstr += strlen(mdefs->model); data/libxkbfile-1.1.0/src/maprules.c:888:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outstr += strlen(mdefs->variant[ndx]); data/libxkbfile-1.1.0/src/maprules.c:1033:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(base) + strlen(locale) + 2 > PATH_MAX) data/libxkbfile-1.1.0/src/maprules.c:1033:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(base) + strlen(locale) + 2 > PATH_MAX) data/libxkbfile-1.1.0/src/maprules.c:1038:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(base) + 1 > PATH_MAX) data/libxkbfile-1.1.0/src/maprules.c:1180:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line.line); data/libxkbfile-1.1.0/src/maprules.c:1186:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(tmp.name) == len) { data/libxkbfile-1.1.0/src/maprules.c:1192:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tok = line.line + strlen(tmp.name) + 1; data/libxkbfile-1.1.0/src/maprules.c:1238:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(base) + strlen(locale) + 6 > PATH_MAX) data/libxkbfile-1.1.0/src/maprules.c:1238:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(base) + strlen(locale) + 6 > PATH_MAX) data/libxkbfile-1.1.0/src/maprules.c:1243:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(base) + 5 > PATH_MAX) data/libxkbfile-1.1.0/src/maprules.c:1431:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out += strlen(out) + 1; data/libxkbfile-1.1.0/src/maprules.c:1436:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out += strlen(out) + 1; data/libxkbfile-1.1.0/src/maprules.c:1442:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out += strlen(out) + 1; data/libxkbfile-1.1.0/src/maprules.c:1448:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
out += strlen(out) + 1; data/libxkbfile-1.1.0/src/maprules.c:1454:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out += strlen(out) + 1; data/libxkbfile-1.1.0/src/maprules.c:1468:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (rules_file ? strlen(rules_file) : 0); data/libxkbfile-1.1.0/src/maprules.c:1469:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += (var_defs->model ? strlen(var_defs->model) : 0); data/libxkbfile-1.1.0/src/maprules.c:1470:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += (var_defs->layout ? strlen(var_defs->layout) : 0); data/libxkbfile-1.1.0/src/maprules.c:1471:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += (var_defs->variant ? strlen(var_defs->variant) : 0); data/libxkbfile-1.1.0/src/maprules.c:1472:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += (var_defs->options ? strlen(var_defs->options) : 0); data/libxkbfile-1.1.0/src/maprules.c:1491:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
out += strlen(rules_file); data/libxkbfile-1.1.0/src/maprules.c:1496:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out += strlen(var_defs->model); data/libxkbfile-1.1.0/src/maprules.c:1501:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out += strlen(var_defs->layout); data/libxkbfile-1.1.0/src/maprules.c:1506:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out += strlen(var_defs->variant); data/libxkbfile-1.1.0/src/maprules.c:1511:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out += strlen(var_defs->options); data/libxkbfile-1.1.0/src/xkbatom.c:125:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((comp < 0) || ((comp == 0) && (len < strlen((*np)->string)))) data/libxkbfile-1.1.0/src/xkbatom.c:144:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(nd->string, string, (int) len); data/libxkbfile-1.1.0/src/xkbatom.c:212:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return _XkbMakeAtom(name, strlen(name), (!onlyIfExists)); data/libxkbfile-1.1.0/src/xkbconfig.c:63:67: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
for (i = 0; (isalpha(ch) || isdigit(ch) || (ch == '_')); ch = getc(file)) { data/libxkbfile-1.1.0/src/xkbconfig.c:79:19: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (((ch = getc(file)) != EOF) && (ch != '\n') && (ch != quote)) { data/libxkbfile-1.1.0/src/xkbconfig.c:81:23: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((ch = getc(file)) != EOF) { data/libxkbfile-1.1.0/src/xkbconfig.c:100:33: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (((tmp = getc(file)) != EOF) && (isdigit(tmp)) && data/libxkbfile-1.1.0/src/xkbconfig.c:108:44: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((!stop) && ((tmp = getc(file)) != EOF) && (isdigit(tmp)) data/libxkbfile-1.1.0/src/xkbconfig.c:116:44: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((!stop) && ((tmp = getc(file)) != EOF) && (isdigit(tmp)) data/libxkbfile-1.1.0/src/xkbconfig.c:161:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = getc(file); data/libxkbfile-1.1.0/src/xkbconfig.c:178:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = getc(file); data/libxkbfile-1.1.0/src/xkbconfig.c:186:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = getc(file); data/libxkbfile-1.1.0/src/xkbconfig.c:195:46: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). else if ((ch == '#') || ((ch == '/') && (getc(file) == '/'))) { data/libxkbfile-1.1.0/src/xkbconfig.c:197:18: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
ch = getc(file); data/libxkbfile-1.1.0/src/xkbtext.c:80:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(tmp) + 1; data/libxkbfile-1.1.0/src/xkbtext.c:84:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(rtrn, tmp, len); data/libxkbfile-1.1.0/src/xkbtext.c:127:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(tmp) + 1; data/libxkbfile-1.1.0/src/xkbtext.c:137:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(rtrn, tmp, len); data/libxkbfile-1.1.0/src/xkbtext.c:176:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(tmp) + 1 + (str == buf ? 0 : 1); data/libxkbfile-1.1.0/src/xkbtext.c:200:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(mm); data/libxkbfile-1.1.0/src/xkbtext.c:204:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(str) + (mm == NULL ? 0 : 1); data/libxkbfile-1.1.0/src/xkbtext.c:211:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(mm); data/libxkbfile-1.1.0/src/xkbtext.c:222:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(rtrn, "|"); data/libxkbfile-1.1.0/src/xkbtext.c:224:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(rtrn, "+"); data/libxkbfile-1.1.0/src/xkbtext.c:226:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(rtrn, str, len - i); data/libxkbfile-1.1.0/src/xkbtext.c:258:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rtrn = tbGetBuffer(strlen(buf) + 1); data/libxkbfile-1.1.0/src/xkbtext.c:277:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, "0"); data/libxkbfile-1.1.0/src/xkbtext.c:294:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = &str[strlen(str)]; data/libxkbfile-1.1.0/src/xkbtext.c:302:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
rtrn = tbGetBuffer(strlen(buf) + 1); data/libxkbfile-1.1.0/src/xkbtext.c:393:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf); data/libxkbfile-1.1.0/src/xkbtext.c:452:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, "0"); data/libxkbfile-1.1.0/src/xkbtext.c:459:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(imWhichNames[i]) + 1; data/libxkbfile-1.1.0/src/xkbtext.c:483:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(&buf[len]); data/libxkbfile-1.1.0/src/xkbtext.c:551:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf = tbGetBuffer(strlen(tmp) + 1); data/libxkbfile-1.1.0/src/xkbtext.c:563:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf = tbGetBuffer(strlen(tmp) + 1); data/libxkbfile-1.1.0/src/xkbtext.c:579:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen = strlen(suffix); data/libxkbfile-1.1.0/src/xkbtext.c:585:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len += plen + slen + strlen(nknNames[i]); data/libxkbfile-1.1.0/src/xkbtext.c:603:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(nknNames[i]); data/libxkbfile-1.1.0/src/xkbtext.c:640:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, "0"); data/libxkbfile-1.1.0/src/xkbtext.c:649:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(ctrlNames[i]) + 1; data/libxkbfile-1.1.0/src/xkbtext.c:670:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(&buf[len]); data/libxkbfile-1.1.0/src/xkbtext.c:859:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(from); data/libxkbfile-1.1.0/src/xkbtext.c:1441:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz = ACTION_SZ - strlen(buf) + 2; /* room for close paren and NULL */ data/libxkbfile-1.1.0/src/xkbtext.c:1448:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
tmp = tbGetBuffer(strlen(buf) + 1); data/libxkbfile-1.1.0/src/xkbtext.c:1482:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = &buf[strlen(buf)]; data/libxkbfile-1.1.0/src/xkbtext.c:1512:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tbGetBuffer(strlen(buf) + 1); data/libxkbfile-1.1.0/src/xkmout.c:109:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return XkbPaddedSize(strlen(str) + 2); data/libxkbfile-1.1.0/src/xkmout.c:117:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return xkmPutCountedBytes(file, str, strlen(str)); data/libxkbfile-1.1.0/src/xkmread.c:87:11: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = getc(file); data/libxkbfile-1.1.0/src/xkmread.c:119:13: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (getc(file) != EOF) data/libxkbfile-1.1.0/src/xkmread.c:137:22: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((getc(file)) != EOF) data/libxkbfile-1.1.0/src/xkmread.c:395:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(buf) == 0)

ANALYSIS SUMMARY:

Hits = 227
Lines analyzed = 12527 in approximately 0.36 seconds (34825 lines/second)
Physical Source Lines of Code (SLOC) = 10826
Hits@level = [0] 633 [1] 97 [2] 97 [3] 0 [4] 33 [5] 0
Hits@level+ = [0+] 860 [1+] 227 [2+] 130 [3+] 33 [4+] 33 [5+] 0
Hits/KSLOC@level+ = [0+] 79.4384 [1+] 20.968 [2+] 12.0081 [3+] 3.04822 [4+] 3.04822 [5+] 0
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.