Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pluma-1.24.1/plugins/changecase/pluma-changecase-plugin.c
Examining data/pluma-1.24.1/plugins/changecase/pluma-changecase-plugin.h
Examining data/pluma-1.24.1/plugins/docinfo/pluma-docinfo-plugin.c
Examining data/pluma-1.24.1/plugins/docinfo/pluma-docinfo-plugin.h
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-bookmarks-store.c
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-bookmarks-store.h
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-error.h
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-messages.c
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-messages.h
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-plugin.c
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-plugin.h
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-store.c
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-store.h
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-utils.c
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-utils.h
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-view.c
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-view.h
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-widget.c
Examining data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-widget.h
Examining data/pluma-1.24.1/plugins/modelines/modeline-parser.c
Examining data/pluma-1.24.1/plugins/modelines/modeline-parser.h
Examining data/pluma-1.24.1/plugins/modelines/pluma-modeline-plugin.c
Examining data/pluma-1.24.1/plugins/modelines/pluma-modeline-plugin.h
Examining data/pluma-1.24.1/plugins/sort/pluma-sort-plugin.c
Examining data/pluma-1.24.1/plugins/sort/pluma-sort-plugin.h
Examining data/pluma-1.24.1/plugins/spell/pluma-automatic-spell-checker.c
Examining data/pluma-1.24.1/plugins/spell/pluma-automatic-spell-checker.h
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-checker-dialog.c
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-checker-dialog.h
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-checker-language.c
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-checker-language.h
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-checker.c
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-checker.h
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-language-dialog.c
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-language-dialog.h
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-plugin.c
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-plugin.h
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-utils.c
Examining data/pluma-1.24.1/plugins/spell/pluma-spell-utils.h
Examining data/pluma-1.24.1/plugins/taglist/pluma-taglist-plugin-panel.c
Examining data/pluma-1.24.1/plugins/taglist/pluma-taglist-plugin-panel.h
Examining data/pluma-1.24.1/plugins/taglist/pluma-taglist-plugin-parser.c
Examining data/pluma-1.24.1/plugins/taglist/pluma-taglist-plugin-parser.h
Examining data/pluma-1.24.1/plugins/taglist/pluma-taglist-plugin.c
Examining data/pluma-1.24.1/plugins/taglist/pluma-taglist-plugin.h
Examining data/pluma-1.24.1/plugins/time/pluma-time-plugin.c
Examining data/pluma-1.24.1/plugins/time/pluma-time-plugin.h
Examining data/pluma-1.24.1/plugins/trailsave/pluma-trail-save-plugin.c
Examining data/pluma-1.24.1/plugins/trailsave/pluma-trail-save-plugin.h
Examining data/pluma-1.24.1/pluma/bacon-message-connection.c
Examining data/pluma-1.24.1/pluma/bacon-message-connection.h
Examining data/pluma-1.24.1/pluma/dialogs/pluma-close-confirmation-dialog.c
Examining data/pluma-1.24.1/pluma/dialogs/pluma-close-confirmation-dialog.h
Examining data/pluma-1.24.1/pluma/dialogs/pluma-encodings-dialog.c
Examining data/pluma-1.24.1/pluma/dialogs/pluma-encodings-dialog.h
Examining data/pluma-1.24.1/pluma/dialogs/pluma-preferences-dialog.c
Examining data/pluma-1.24.1/pluma/dialogs/pluma-preferences-dialog.h
Examining data/pluma-1.24.1/pluma/dialogs/pluma-search-dialog.c
Examining data/pluma-1.24.1/pluma/dialogs/pluma-search-dialog.h
Examining data/pluma-1.24.1/pluma/pluma-app.c
Examining data/pluma-1.24.1/pluma/pluma-app.h
Examining data/pluma-1.24.1/pluma/pluma-close-button.c
Examining data/pluma-1.24.1/pluma/pluma-close-button.h
Examining data/pluma-1.24.1/pluma/pluma-commands-documents.c
Examining data/pluma-1.24.1/pluma/pluma-commands-edit.c
Examining data/pluma-1.24.1/pluma/pluma-commands-file-print.c
Examining data/pluma-1.24.1/pluma/pluma-commands-file.c
Examining data/pluma-1.24.1/pluma/pluma-commands-help.c
Examining data/pluma-1.24.1/pluma/pluma-commands-search.c
Examining data/pluma-1.24.1/pluma/pluma-commands-view.c
Examining data/pluma-1.24.1/pluma/pluma-commands.h
Examining data/pluma-1.24.1/pluma/pluma-debug.c
Examining data/pluma-1.24.1/pluma/pluma-debug.h
Examining data/pluma-1.24.1/pluma/pluma-dirs.c
Examining data/pluma-1.24.1/pluma/pluma-dirs.h
Examining data/pluma-1.24.1/pluma/pluma-document-input-stream.c
Examining data/pluma-1.24.1/pluma/pluma-document-input-stream.h
Examining data/pluma-1.24.1/pluma/pluma-document-loader.c
Examining data/pluma-1.24.1/pluma/pluma-document-loader.h
Examining data/pluma-1.24.1/pluma/pluma-document-output-stream.c
Examining data/pluma-1.24.1/pluma/pluma-document-output-stream.h
Examining data/pluma-1.24.1/pluma/pluma-document-saver.c
Examining data/pluma-1.24.1/pluma/pluma-document-saver.h
Examining data/pluma-1.24.1/pluma/pluma-document.c
Examining data/pluma-1.24.1/pluma/pluma-document.h
Examining data/pluma-1.24.1/pluma/pluma-documents-panel.c
Examining data/pluma-1.24.1/pluma/pluma-documents-panel.h
Examining data/pluma-1.24.1/pluma/pluma-encodings-combo-box.c
Examining data/pluma-1.24.1/pluma/pluma-encodings-combo-box.h
Examining data/pluma-1.24.1/pluma/pluma-encodings.c
Examining data/pluma-1.24.1/pluma/pluma-encodings.h
Examining data/pluma-1.24.1/pluma/pluma-file-chooser-dialog.c
Examining data/pluma-1.24.1/pluma/pluma-file-chooser-dialog.h
Examining data/pluma-1.24.1/pluma/pluma-gio-document-loader.c
Examining data/pluma-1.24.1/pluma/pluma-gio-document-loader.h
Examining data/pluma-1.24.1/pluma/pluma-gio-document-saver.c
Examining data/pluma-1.24.1/pluma/pluma-gio-document-saver.h
Examining data/pluma-1.24.1/pluma/pluma-help.c
Examining data/pluma-1.24.1/pluma/pluma-help.h
Examining data/pluma-1.24.1/pluma/pluma-history-entry.c
Examining data/pluma-1.24.1/pluma/pluma-history-entry.h
Examining data/pluma-1.24.1/pluma/pluma-io-error-message-area.c
Examining data/pluma-1.24.1/pluma/pluma-io-error-message-area.h
Examining data/pluma-1.24.1/pluma/pluma-language-manager.c
Examining data/pluma-1.24.1/pluma/pluma-language-manager.h
Examining data/pluma-1.24.1/pluma/pluma-message-bus.c
Examining data/pluma-1.24.1/pluma/pluma-message-bus.h
Examining data/pluma-1.24.1/pluma/pluma-message-type.c
Examining data/pluma-1.24.1/pluma/pluma-message-type.h
Examining data/pluma-1.24.1/pluma/pluma-message.c
Examining data/pluma-1.24.1/pluma/pluma-message.h
Examining data/pluma-1.24.1/pluma/pluma-metadata-manager.c
Examining data/pluma-1.24.1/pluma/pluma-metadata-manager.h
Examining data/pluma-1.24.1/pluma/pluma-notebook.c
Examining data/pluma-1.24.1/pluma/pluma-notebook.h
Examining data/pluma-1.24.1/pluma/pluma-panel.c
Examining data/pluma-1.24.1/pluma/pluma-panel.h
Examining data/pluma-1.24.1/pluma/pluma-plugins-engine.c
Examining data/pluma-1.24.1/pluma/pluma-plugins-engine.h
Examining data/pluma-1.24.1/pluma/pluma-prefs-manager-app.c
Examining data/pluma-1.24.1/pluma/pluma-prefs-manager-app.h
Examining data/pluma-1.24.1/pluma/pluma-prefs-manager-private.h
Examining data/pluma-1.24.1/pluma/pluma-prefs-manager.c
Examining data/pluma-1.24.1/pluma/pluma-prefs-manager.h
Examining data/pluma-1.24.1/pluma/pluma-print-job.c
Examining data/pluma-1.24.1/pluma/pluma-print-job.h
Examining data/pluma-1.24.1/pluma/pluma-print-preview.c
Examining data/pluma-1.24.1/pluma/pluma-print-preview.h
Examining data/pluma-1.24.1/pluma/pluma-progress-message-area.c
Examining data/pluma-1.24.1/pluma/pluma-progress-message-area.h
Examining data/pluma-1.24.1/pluma/pluma-session.c
Examining data/pluma-1.24.1/pluma/pluma-session.h
Examining data/pluma-1.24.1/pluma/pluma-smart-charset-converter.c
Examining data/pluma-1.24.1/pluma/pluma-smart-charset-converter.h
Examining data/pluma-1.24.1/pluma/pluma-status-combo-box.c
Examining data/pluma-1.24.1/pluma/pluma-status-combo-box.h
Examining data/pluma-1.24.1/pluma/pluma-statusbar.c
Examining data/pluma-1.24.1/pluma/pluma-statusbar.h
Examining data/pluma-1.24.1/pluma/pluma-style-scheme-manager.c
Examining data/pluma-1.24.1/pluma/pluma-style-scheme-manager.h
Examining data/pluma-1.24.1/pluma/pluma-tab-label.c
Examining data/pluma-1.24.1/pluma/pluma-tab-label.h
Examining data/pluma-1.24.1/pluma/pluma-tab.c
Examining data/pluma-1.24.1/pluma/pluma-tab.h
Examining data/pluma-1.24.1/pluma/pluma-ui.h
Examining data/pluma-1.24.1/pluma/pluma-utils.c
Examining data/pluma-1.24.1/pluma/pluma-utils.h
Examining data/pluma-1.24.1/pluma/pluma-view.c
Examining data/pluma-1.24.1/pluma/pluma-view.h
Examining data/pluma-1.24.1/pluma/pluma-window-private.h
Examining data/pluma-1.24.1/pluma/pluma-window.c
Examining data/pluma-1.24.1/pluma/pluma-window.h
Examining data/pluma-1.24.1/pluma/pluma.c
Examining data/pluma-1.24.1/pluma/plumatextregion.c
Examining data/pluma-1.24.1/pluma/plumatextregion.h
Examining data/pluma-1.24.1/pluma/smclient/eggdesktopfile.c
Examining data/pluma-1.24.1/pluma/smclient/eggdesktopfile.h
Examining data/pluma-1.24.1/pluma/smclient/eggsmclient-private.h
Examining data/pluma-1.24.1/pluma/smclient/eggsmclient-xsmp.c
Examining data/pluma-1.24.1/pluma/smclient/eggsmclient.c
Examining data/pluma-1.24.1/pluma/smclient/eggsmclient.h
Examining data/pluma-1.24.1/tests/document-input-stream.c
Examining data/pluma-1.24.1/tests/document-loader.c
Examining data/pluma-1.24.1/tests/document-output-stream.c
Examining data/pluma-1.24.1/tests/document-saver.c
Examining data/pluma-1.24.1/tests/smart-converter.c
Examining data/pluma-1.24.1/tools/plugin_template/pluma-plugin.c
Examining data/pluma-1.24.1/tools/plugin_template/pluma-plugin.h

FINAL RESULTS:

data/pluma-1.24.1/pluma/pluma-window.c:315:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tempfont, font);
data/pluma-1.24.1/plugins/filebrowser/pluma-file-bookmarks-store.c:210:9:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  path = g_get_home_dir ();
data/pluma-1.24.1/plugins/filebrowser/pluma-file-bookmarks-store.c:504:27:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  return g_build_filename (g_get_home_dir (), ".gtk-bookmarks", NULL);
data/pluma-1.24.1/plugins/taglist/pluma-taglist-plugin-parser.c:612:9:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  home = g_get_home_dir ();
data/pluma-1.24.1/pluma/bacon-message-connection.c:231:11:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  tmpdir = g_get_tmp_dir ();
data/pluma-1.24.1/pluma/bacon-message-connection.c:236:25:  [3] (random) g_random_int:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  g_get_user_name (), g_random_int ());
data/pluma-1.24.1/pluma/pluma-utils.c:799:17:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable input if the environment can be set by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  tmp = (gchar *)g_get_home_dir ();
data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-plugin.c:1071:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gboolean open;
data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-plugin.c:1076:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open) {
data/pluma-1.24.1/plugins/modelines/modeline-parser.c:305:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intval = atoi (value->str);
data/pluma-1.24.1/plugins/modelines/modeline-parser.c:316:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intval = atoi (value->str);
data/pluma-1.24.1/plugins/modelines/modeline-parser.c:332:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intval = atoi (value->str);
data/pluma-1.24.1/plugins/modelines/modeline-parser.c:415:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intval = atoi (value->str);
data/pluma-1.24.1/plugins/modelines/modeline-parser.c:425:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intval = atoi (value->str);
data/pluma-1.24.1/plugins/modelines/modeline-parser.c:513:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intval = atoi (value->str);
data/pluma-1.24.1/plugins/modelines/modeline-parser.c:523:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intval = atoi (value->str);
data/pluma-1.24.1/plugins/modelines/modeline-parser.c:547:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  intval = atoi (value->str);
data/pluma-1.24.1/plugins/spell/pluma-spell-checker-language.c:266:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  langname = (const char *) g_hash_table_lookup (iso_639_table, str[0]);
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:354:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (outbuf, buf, written);
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:364:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (outbuf, buf, bytes);
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:369:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (outbuf + bytes, newline, newline_size);
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:450:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy ((void *) ((gsize) buffer + read), newline, newline_size);
data/pluma-1.24.1/pluma/pluma-document-output-stream.c:313:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (text, ostream->priv->buffer, ostream->priv->buflen);
data/pluma-1.24.1/pluma/pluma-document-output-stream.c:314:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (text + ostream->priv->buflen, buffer, count);
data/pluma-1.24.1/pluma/pluma-document.c:662:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  testfile = fopen (file_path, "r");
data/pluma-1.24.1/pluma/pluma-document.c:1382:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  offset = pos ? atoi (pos) : 0;
data/pluma-1.24.1/pluma/pluma-print-preview.c:382:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  page = CLAMP (atoi (text), 1, preview->priv->n_pages) - 1;
data/pluma-1.24.1/pluma/pluma-print-preview.c:427:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  page = atoi (text) - 1;
data/pluma-1.24.1/pluma/pluma-smart-charset-converter.c:329:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (outbuf, inbuf, size);
data/pluma-1.24.1/pluma/pluma-view.c:1913:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  offset_line = MAX (atoi (text + 1), 0);
data/pluma-1.24.1/pluma/pluma-view.c:1922:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  offset_line = MAX (atoi (text + 1), 0);
data/pluma-1.24.1/pluma/pluma-view.c:1928:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  line = MAX (atoi (text) - 1, 0);
data/pluma-1.24.1/pluma/pluma-view.c:1933:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  line_offset = atoi (split_text[1]);
data/pluma-1.24.1/pluma/pluma-window.c:323:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tempsize, "%d", nsize);
data/pluma-1.24.1/pluma/pluma-window.c:335:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tempsize, "%d", nsize);
data/pluma-1.24.1/pluma/pluma.c:161:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  line_position = atoi (remaining_args[i] + 1);
data/pluma-1.24.1/pluma/pluma.c:268:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  startup_timestamp = atoi (params[0]);
data/pluma-1.24.1/pluma/pluma.c:270:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  workspace = atoi (params[3]);
data/pluma-1.24.1/pluma/pluma.c:271:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  viewport_x = atoi (params[4]);
data/pluma-1.24.1/pluma/pluma.c:272:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  viewport_y = atoi (params[5]);
data/pluma-1.24.1/pluma/pluma.c:304:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  line_position = atoi (params[1]);
data/pluma-1.24.1/pluma/pluma.c:309:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n_uris = atoi (params[3]);
data/pluma-1.24.1/pluma/smclient/eggsmclient-xsmp.c:208:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pid_str[64];
data/pluma-1.24.1/pluma/smclient/eggsmclient-xsmp.c:319:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error_string_ret[256];
data/pluma-1.24.1/pluma/smclient/eggsmclient-xsmp.c:869:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open (state_file_path, O_WRONLY | O_CREAT | O_EXCL, 0644);
data/pluma-1.24.1/tests/smart-converter.c:88:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (out + *bytes_written_aux, out_aux, bytes_written);
data/pluma-1.24.1/tests/smart-converter.c:184:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (out + bytes_written_aux, out_aux, bytes_written);
data/pluma-1.24.1/plugins/docinfo/pluma-docinfo-plugin.c:194:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *bytes = strlen (text);
data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-store.c:2946:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if (equal && virtual_root == NULL) {
data/pluma-1.24.1/plugins/filebrowser/pluma-file-browser-store.c:2955:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if (equal && g_file_equal (vfile, model->priv->virtual_root->file)) {
data/pluma-1.24.1/plugins/spell/pluma-automatic-spell-checker.c:394:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  oldword, strlen (oldword),
data/pluma-1.24.1/plugins/spell/pluma-automatic-spell-checker.c:395:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  newword, strlen (newword));
data/pluma-1.24.1/plugins/spell/pluma-spell-checker-dialog.c:551:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (word);
data/pluma-1.24.1/plugins/spell/pluma-spell-checker.c:340:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (word);
data/pluma-1.24.1/plugins/spell/pluma-spell-checker.c:397:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (word);
data/pluma-1.24.1/plugins/spell/pluma-spell-checker.c:434:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (word);
data/pluma-1.24.1/plugins/spell/pluma-spell-checker.c:458:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (word);
data/pluma-1.24.1/plugins/spell/pluma-spell-checker.c:508:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  w_len = strlen (word);
data/pluma-1.24.1/plugins/spell/pluma-spell-checker.c:511:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r_len = strlen (replacement);
data/pluma-1.24.1/plugins/spell/pluma-spell-utils.c:38:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen (text);
data/pluma-1.24.1/plugins/taglist/pluma-taglist-plugin-panel.c:419:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((group_name == NULL) || (strlen (group_name) <= 0))
data/pluma-1.24.1/plugins/time/pluma-time-plugin.c:420:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (format) == 0)
data/pluma-1.24.1/pluma/bacon-message-connection.c:144:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (cd, &buf, 1);
data/pluma-1.24.1/pluma/bacon-message-connection.c:150:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rc = read (cd, &buf, 1);
data/pluma-1.24.1/pluma/bacon-message-connection.c:173:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  subs += strlen (subs) + 1;
data/pluma-1.24.1/pluma/bacon-message-connection.c:254:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (uaddr.sun_path, conn->path,
data/pluma-1.24.1/pluma/bacon-message-connection.c:255:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  MIN (strlen(conn->path)+1, UNIX_PATH_MAX));
data/pluma-1.24.1/pluma/bacon-message-connection.c:275:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (uaddr.sun_path, conn->path,
data/pluma-1.24.1/pluma/bacon-message-connection.c:276:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  MIN(strlen(conn->path)+1, UNIX_PATH_MAX));
data/pluma-1.24.1/pluma/bacon-message-connection.c:383:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_io_channel_write_chars (conn->chan, message, strlen (message),
data/pluma-1.24.1/pluma/dialogs/pluma-search-dialog.c:198:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  new_len = strlen (escaped_text);
data/pluma-1.24.1/pluma/pluma-commands-search.c:336:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gtk_text_buffer_insert_at_cursor (buffer, replace, strlen (replace));
data/pluma-1.24.1/pluma/pluma-commands-search.c:393:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen (selected_text),
data/pluma-1.24.1/pluma/pluma-commands-search.c:394:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen (unescaped_search_text)) != 0);
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:278:38:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  gsize bytes_to_write, newline_size, read;
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:382:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return read;
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:394:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  gssize space_left, read, n;
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:425:54:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  n = read_line (dstream, (void *) ((gsize) buffer + read), space_left);
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:450:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  memcpy ((void *) ((gsize) buffer + read), newline, newline_size);
data/pluma-1.24.1/pluma/pluma-document-input-stream.c:457:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return read;
data/pluma-1.24.1/pluma/pluma-document-saver.c:301:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_return_if_fail (saver->uri != NULL && strlen (saver->uri) > 0);
data/pluma-1.24.1/pluma/pluma-document.c:674:7:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc (testfile);
data/pluma-1.24.1/pluma/pluma-document.c:1444:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  goffset read;
data/pluma-1.24.1/pluma/pluma-document.c:1458:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read,
data/pluma-1.24.1/pluma/pluma-document.c:1817:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (text);
data/pluma-1.24.1/pluma/pluma-document.c:2174:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
replace_text_len = strlen (replace_text); data/pluma-1.24.1/pluma/pluma-document.c:2225:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). replace_text_len = strlen (replace_text); data/pluma-1.24.1/pluma/pluma-gio-document-loader.c:57:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). gssize read; data/pluma-1.24.1/pluma/pluma-gio-document-loader.c:308:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). async->read, data/pluma-1.24.1/pluma/pluma-gio-document-loader.c:360:42: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (gvloader->priv->bytes_read + async->read < gvloader->priv->bytes_read) data/pluma-1.24.1/pluma/pluma-gio-document-loader.c:372:39: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). gvloader->priv->bytes_read += async->read; data/pluma-1.24.1/pluma/pluma-gio-document-saver.c:53:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). gssize read; data/pluma-1.24.1/pluma/pluma-gio-document-saver.c:417:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (async->written != async->read) data/pluma-1.24.1/pluma/pluma-utils.c:261:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len_s1 = strlen (normalized_s1); data/pluma-1.24.1/pluma/pluma-utils.c:262:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len_s2 = strlen (normalized_s2); data/pluma-1.24.1/pluma/pluma-utils.c:371:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (text); data/pluma-1.24.1/pluma/pluma-utils.c:427:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (text); data/pluma-1.24.1/pluma/pluma-utils.c:543:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (text); data/pluma-1.24.1/pluma/pluma-utils.c:588:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (string); data/pluma-1.24.1/pluma/pluma-utils.c:655:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). remaining_bytes = strlen (name); data/pluma-1.24.1/pluma/pluma-utils.c:702:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen (str) == 1) && (*str == '.')) data/pluma-1.24.1/pluma/pluma-utils.c:823:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). res = g_strdup_printf ("~/%s", uri + strlen (home)); data/pluma-1.24.1/pluma/pluma-utils.c:1491:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
hier_part_end = p + strlen (p); data/pluma-1.24.1/pluma/pluma-view.c:1537:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). new_len = strlen (escaped_text); data/pluma-1.24.1/pluma/pluma-view.c:1615:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp (real_key, item, strlen (real_key))) data/pluma-1.24.1/pluma/pluma-view.c:1626:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp (key, case_normalized_string, strlen (key))) data/pluma-1.24.1/pluma/pluma-view.c:2221:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gtk_clipboard_set_text (gtk_clipboard_get (GDK_SELECTION_PRIMARY), primtxt, strlen (primtxt)); data/pluma-1.24.1/pluma/pluma-window.c:314:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gchar tempfont [strlen (font)]; data/pluma-1.24.1/pluma/pluma-window.c:316:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tempfont [strlen (font) - strlen (tempsize)] = 0; data/pluma-1.24.1/pluma/pluma-window.c:316:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
tempfont [strlen (font) - strlen (tempsize)] = 0; data/pluma-1.24.1/pluma/smclient/eggsmclient-xsmp.c:1147:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pv.length = strlen (value); data/pluma-1.24.1/pluma/smclient/eggsmclient-xsmp.c:1181:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pv.length = strlen (values->pdata[i]); data/pluma-1.24.1/pluma/smclient/eggsmclient-xsmp.c:1210:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). prop->vals[0].length = strlen (value); data/pluma-1.24.1/tests/document-input-stream.c:50:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outlen = strlen (outbuf); data/pluma-1.24.1/tests/document-output-stream.c:52:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = MIN (write_chunk_len, strlen (inbuf + n)); data/pluma-1.24.1/tests/document-saver.c:109:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). gsize read; data/pluma-1.24.1/tests/document-saver.c:115:65: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). g_input_stream_read_all (stream, buffer, sizeof (buffer) - 1, &read, NULL, &error); data/pluma-1.24.1/tests/document-saver.c:118:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
buffer[read] = '\0'; data/pluma-1.24.1/tests/smart-converter.c:74:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nread = strlen (text); data/pluma-1.24.1/tests/smart-converter.c:211:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/pluma-1.24.1/tests/smart-converter.c:262:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). aux = do_test (TEXT_TO_CONVERT, "UTF-8", NULL, strlen (TEXT_TO_CONVERT), NULL); ANALYSIS SUMMARY: Hits = 121 Lines analyzed = 79121 in approximately 1.45 seconds (54694 lines/second) Physical Source Lines of Code (SLOC) = 54939 Hits@level = [0] 1 [1] 74 [2] 40 [3] 6 [4] 1 [5] 0 Hits@level+ = [0+] 122 [1+] 121 [2+] 47 [3+] 7 [4+] 1 [5+] 0 Hits/KSLOC@level+ = [0+] 2.22064 [1+] 2.20244 [2+] 0.855494 [3+] 0.127414 [4+] 0.018202 [5+] 0 Dot directories skipped = 3 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.