Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/xcb-imdkit-1.0.0/src/clientprotocolhandler.c Examining data/xcb-imdkit-1.0.0/src/clientprotocolhandler.h Examining data/xcb-imdkit-1.0.0/src/common.c Examining data/xcb-imdkit-1.0.0/src/common.h Examining data/xcb-imdkit-1.0.0/src/encoding.c Examining data/xcb-imdkit-1.0.0/src/encoding.h Examining data/xcb-imdkit-1.0.0/src/imclient.c Examining data/xcb-imdkit-1.0.0/src/imclient.h Examining data/xcb-imdkit-1.0.0/src/imclient_p.h Examining data/xcb-imdkit-1.0.0/src/imdkit.c Examining data/xcb-imdkit-1.0.0/src/imdkit.h Examining data/xcb-imdkit-1.0.0/src/imdkit_p.h Examining data/xcb-imdkit-1.0.0/src/list.h Examining data/xcb-imdkit-1.0.0/src/message.c Examining data/xcb-imdkit-1.0.0/src/message.h Examining data/xcb-imdkit-1.0.0/src/parser.c Examining data/xcb-imdkit-1.0.0/src/parser.h Examining data/xcb-imdkit-1.0.0/src/protocolhandler.c Examining data/xcb-imdkit-1.0.0/src/protocolhandler.h Examining data/xcb-imdkit-1.0.0/src/ximcommon.h Examining data/xcb-imdkit-1.0.0/src/ximproto-gen.h Examining data/xcb-imdkit-1.0.0/src/ximproto.c Examining data/xcb-imdkit-1.0.0/src/ximproto.h Examining data/xcb-imdkit-1.0.0/src/ximproto_p.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/XlcPubI.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/XlcPublic.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcCharSet.c Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUTF8.c Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/armscii_8.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/ascii.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/big5.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/big5_emacs.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/big5hkscs.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1133.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1251.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1255.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1256.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/gb2312.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/gbk.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_academy.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_ps.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_1.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_10.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_11.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_13.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_14.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_15.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_16.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_2.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_3.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_4.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_5.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_6.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_7.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_8.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_9.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_9e.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/jisx0201.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/jisx0208.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/jisx0212.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_c.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_r.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_u.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/ksc5601.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/mulelao.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tatar_cyr.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tcvn.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tis620.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/ucs2be.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/utf8.h Examining data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/viscii.h Examining data/xcb-imdkit-1.0.0/test/test_client.c Examining data/xcb-imdkit-1.0.0/test/test_encoding.c Examining data/xcb-imdkit-1.0.0/test/test_server.c Examining data/xcb-imdkit-1.0.0/uthash/uthash.h FINAL RESULTS: data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:480:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). ct_info->ct_sequence = strcpy((char *) (ct_info + 1), ct_sequence); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:69:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(s,c_charsetname); strcat(s,".h"); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:124:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname,directory); strcat(fname,filename); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:124:32: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcpy(fname,directory); strcat(fname,filename); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c:226:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(enc->check_col_expr, "c2"); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c:229:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(enc->byte_row_expr, "c1"); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c:231:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(enc->byte_col_expr, "c2"); data/xcb-imdkit-1.0.0/test/test_client.c:135:5: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf(fmt, argp); data/xcb-imdkit-1.0.0/uthash/uthash.h:232:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, __VA_ARGS__); \ data/xcb-imdkit-1.0.0/src/imclient.c:498:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. imname = getenv("XMODIFIERS"); data/xcb-imdkit-1.0.0/src/clientprotocolhandler.c:93:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(imattr->attr.im_attribute, subframe->im_attribute, data/xcb-imdkit-1.0.0/src/clientprotocolhandler.c:118:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(icattr->attr.ic_attribute, subframe->ic_attribute, data/xcb-imdkit-1.0.0/src/clientprotocolhandler.c:242:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(im->onKeys.keys, frame.on_keys_list.items, data/xcb-imdkit-1.0.0/src/clientprotocolhandler.c:246:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(im->offKeys.keys, frame.off_keys_list.items, data/xcb-imdkit-1.0.0/src/clientprotocolhandler.c:479:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&key_event, data, sizeof(xcb_key_press_event_t)); data/xcb-imdkit-1.0.0/src/encoding.c:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[_CONVERT_BUFSIZE]; data/xcb-imdkit-1.0.0/src/imclient.c:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char atomName[64]; data/xcb-imdkit-1.0.0/src/imclient.c:39:15: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. int len = sprintf(atomName, "_client%u_%u", im->connect_id, im->sequence++); data/xcb-imdkit-1.0.0/src/imclient.c:193:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(address, value, length); data/xcb-imdkit-1.0.0/src/imclient.c:475:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(im->server_atoms, server_atoms, items * sizeof(xcb_atom_t)); data/xcb-imdkit-1.0.0/src/imclient.c:1188:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(items[i].value, nested->data, nested->length); data/xcb-imdkit-1.0.0/src/imclient.c:1401:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(items[i].value, nested->data, nested->length); data/xcb-imdkit-1.0.0/src/imclient.c:1458:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, event, sizeof(xcb_key_press_event_t)); data/xcb-imdkit-1.0.0/src/imclient.c:1486:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&im->im_callback, callbacks, sizeof(xcb_xim_im_callback)); data/xcb-imdkit-1.0.0/src/imdkit.c:45:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(to->PTR, from->PTR, from->NUM * sizeof(ELEM_TYPE)); \ data/xcb-imdkit-1.0.0/src/imdkit.c:528:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[LOCALES_BUFSIZE]; data/xcb-imdkit-1.0.0/src/imdkit.c:533:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf, "@transport=X/"); data/xcb-imdkit-1.0.0/src/imdkit.c:859:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(content, event, sizeof(xcb_key_press_event_t)); data/xcb-imdkit-1.0.0/src/imdkit.c:1036:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&item->event, data, sizeof(xcb_key_press_event_t)); data/xcb-imdkit-1.0.0/src/imdkit.c:1037:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&item->hdr, hdr, sizeof(xcb_im_packet_header_fr_t)); data/xcb-imdkit-1.0.0/src/imdkit.c:1038:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&item->frame, frame, sizeof(xcb_im_forward_event_fr_t)); data/xcb-imdkit-1.0.0/src/imdkit.c:1140:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char atomName[64]; data/xcb-imdkit-1.0.0/src/imdkit.c:1142:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(atomName, "_server%u_%u", client->connect_id, im->sequence++); data/xcb-imdkit-1.0.0/src/message.c:92:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(event.data.data8, data, length); data/xcb-imdkit-1.0.0/src/message.c:134:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, rec, hdr->length * 4); data/xcb-imdkit-1.0.0/src/message.c:180:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, rec, hdr->length * 4); data/xcb-imdkit-1.0.0/src/parser.c:93:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, *p, arraylen); data/xcb-imdkit-1.0.0/src/protocolhandler.c:730:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&key_event, data, sizeof(xcb_key_press_event_t)); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:51:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char name[19]; data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:52:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char ct_sequence[5]; /* Compound Text encoding, ESC sequence */ data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:785:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bufptr, ctptr, n); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:819:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bufptr, ctptr, n); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:887:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctptr, ct_info->ct_sequence, length); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:902:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctptr, ct_info->ct_sequence, length); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:914:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctptr, ct_info->ext_segment, ct_info->ext_segment_len); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:921:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctptr, ct_info->ct_sequence, length); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCharSet.c:123:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, name, name_len+1); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCharSet.c:135:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(encoding_tmp, charset->name, length); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCharSet.c:144:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, ct_sequence, ct_sequence_len+1); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:69:30: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcpy(s,c_charsetname); strcat(s,".h"); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:125:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fname,"w"); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:365:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(s, "%02x_%d", p, ++i); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:369:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(s, "%02x", p); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/armscii_8.h:45:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char armscii_8_page00[8] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/armscii_8.h:48:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char armscii_8_page00_1[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/armscii_8.h:54:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char armscii_8_page05[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/armscii_8.h:68:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char armscii_8_page20[24] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/big5_emacs.h:58:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[2]; data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/big5_emacs.h:92:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[2]; data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/big5_emacs.h:119:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[2]; data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/big5_emacs.h:144:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[2]; data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1133.h:53:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1133_page00[16] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1133.h:57:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1133_page0e[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1251.h:51:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1251_page00[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1251.h:57:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1251_page04[152] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1251.h:78:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1251_page20[48] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1255.h:51:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1255_page00[88] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1255.h:64:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1255_page02[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1255.h:70:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1255_page05[72] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1255.h:81:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1255_page20[56] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1256.h:44:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1256_page00[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1256.h:58:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1256_page01[72] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1256.h:69:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1256_page06[208] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cp1256.h:97:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char cp1256_page20[56] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_academy.h:28:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char georgian_academy_page00[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_academy.h:34:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char georgian_academy_page01[72] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_academy.h:45:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char georgian_academy_page02[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_academy.h:51:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char georgian_academy_page20[48] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_ps.h:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char georgian_ps_page00[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_ps.h:44:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char georgian_ps_page01[72] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_ps.h:55:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char georgian_ps_page02[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_ps.h:61:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char georgian_ps_page10[40] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/georgian_ps.h:68:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char georgian_ps_page20[48] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_10.h:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_10_page00[224] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_11.h:47:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_11_page0e[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_13.h:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_13_page00[224] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_13.h:69:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_13_page20[8] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_14.h:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_14_page00[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_14.h:52:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_14_page01_0[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_14.h:58:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_14_page01_1[16] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_14.h:62:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_14_page1e_0[136] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_14.h:81:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_14_page1e_1[8] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_15.h:26:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_15_page00[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_15.h:32:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_15_page01[48] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_16.h:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_16_page00[224] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_16.h:69:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_16_page02[8] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_16.h:72:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_16_page20[8] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_2.h:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_2_page00[224] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_2.h:69:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_2_page02[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_3.h:45:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_3_page00[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_3.h:59:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_3_page01[120] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_3.h:76:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_3_page02[8] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_4.h:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_4_page00[224] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_4.h:69:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_4_page02[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_5.h:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_5_page00[16] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_5.h:42:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_5_page04[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_6.h:45:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_6_page00[16] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_6.h:49:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_6_page06[80] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_7.h:45:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_7_page00[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_7.h:51:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_7_page03[80] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_7.h:63:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_7_page20[16] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_8.h:45:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_8_page00[88] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_8.h:58:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_8_page05[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_8.h:64:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_8_page20[16] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_9.h:29:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_9_page00[48] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_9.h:37:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_9_page01[72] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_9e.h:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_9e_page00[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_9e.h:52:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_9e_page01[136] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/iso8859_9e.h:71:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char iso8859_9e_page01_d[24] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_c.h:44:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_c_page00[1] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_c.h:47:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_c_page04[240] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_c.h:79:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_c_page22[1] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_r.h:46:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_r_page00[88] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_r.h:59:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_r_page04[88] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_r.h:72:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_r_page22[80] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_r.h:84:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_r_page23[8] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_r.h:87:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_r_page25[168] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_u.h:46:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_u_page00[88] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_u.h:59:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_u_page04[152] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_u.h:80:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_u_page22[80] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_u.h:92:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_u_page23[8] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/koi8_u.h:95:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char koi8_u_page25[168] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/mulelao.h:45:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char mulelao_page0e[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tatar_cyr.h:44:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char tatar_cyr_page00[32] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tatar_cyr.h:50:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char tatar_cyr_page04[240] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tatar_cyr.h:82:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char tatar_cyr_page20[48] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tatar_cyr.h:90:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char tatar_cyr_page21[24] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tatar_cyr.h:95:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char tatar_cyr_page22[1] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tcvn.h:54:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char tcvn_page00[96+184] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tcvn.h:92:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char tcvn_page03[40] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tcvn.h:99:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char tcvn_page1e[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/tis620.h:47:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char tis620_page0e[96] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/viscii.h:56:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char viscii_page00[64+184] = { data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/viscii.h:90:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char viscii_page1e[96] = { data/xcb-imdkit-1.0.0/src/clientprotocolhandler.c:26:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extensions[i].length_of_string = strlen(Default_Extension[i].name); data/xcb-imdkit-1.0.0/src/clientprotocolhandler.c:41:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). compound.length_of_string = strlen("COMPOUND_TEXT"); data/xcb-imdkit-1.0.0/src/common.c:21:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xcb_intern_atom(conn, false, strlen(atom_names[i]), atom_names[i]); data/xcb-imdkit-1.0.0/src/imclient.c:45:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t category_len = strlen(XIM_SERVER_CATEGORY); data/xcb-imdkit-1.0.0/src/imclient.c:59:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t category_len = strlen(XIM_TRANSPORT_CATEGORY); data/xcb-imdkit-1.0.0/src/imclient.c:61:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(XIM_TRANSPORT_CATEGORY)) != 0) { data/xcb-imdkit-1.0.0/src/imclient.c:82:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p - pp) == strlen("X") && (0 == strncmp(pp, "X", strlen("X")))) { data/xcb-imdkit-1.0.0/src/imclient.c:82:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((p - pp) == strlen("X") && (0 == strncmp(pp, "X", strlen("X")))) { data/xcb-imdkit-1.0.0/src/imclient.c:484:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!imname || strncmp(imname, "@im=", strlen("@im=")) != 0) { data/xcb-imdkit-1.0.0/src/imclient.c:488:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). imname += strlen("@im="); data/xcb-imdkit-1.0.0/src/imdkit.c:113:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). im->imattr[i].length_of_im_attribute = strlen(Default_IMattr[i].name); data/xcb-imdkit-1.0.0/src/imdkit.c:122:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). im->icattr[i].length_of_ic_attribute = strlen(Default_ICattr[i].name); data/xcb-imdkit-1.0.0/src/imdkit.c:216:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(Default_Extension[i].name); data/xcb-imdkit-1.0.0/src/imdkit.c:542:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(buf), (unsigned char *)buf); data/xcb-imdkit-1.0.0/src/imdkit_p.h:173:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read; data/xcb-imdkit-1.0.0/src/protocolhandler.c:146:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(im->encodings.encodings[j]) && data/xcb-imdkit-1.0.0/src/protocolhandler.c:466:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!entry || !entry->read || offsets[attrID] < 0) { data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:320:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(ptr); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:474:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(ct_sequence); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:503:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = strlen(q); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCT.c:877:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(ct_info->ct_sequence); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCharSet.c:114:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name_len = strlen(name); data/xcb-imdkit-1.0.0/src/xlibi18n/lcCharSet.c:115:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ct_sequence_len = strlen(ct_sequence); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:68:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* s = malloc(strlen(c_charsetname)+strlen(".h")+1); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:68:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* s = malloc(strlen(c_charsetname)+strlen(".h")+1); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:78:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(stdin); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:85:13: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(stdin); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:91:20: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). do { c = getc(stdin); } while (!(c == EOF || c == '\n')); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:97:18: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). do { c = getc(stdin); } while (c == ' ' || c == '\t'); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:123:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* fname = malloc(strlen(directory)+strlen(filename)+1); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/8bit_tab_to_h.c:123:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* fname = malloc(strlen(directory)+strlen(filename)+1); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c:81:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(stdin); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c:86:11: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(stdin); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c:92:18: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). do { c = getc(stdin); } while (!(c == EOF || c == '\n')); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c:775:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(stdin); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c:780:11: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(stdin); data/xcb-imdkit-1.0.0/src/xlibi18n/lcUniConv/cjk_tab_to_h.c:786:18: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). do { c = getc(stdin); } while (!(c == EOF || c == '\n')); data/xcb-imdkit-1.0.0/test/test_encoding.c:17:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *result = xcb_utf8_to_compound_text(str, strlen(str), &len); data/xcb-imdkit-1.0.0/test/test_server.c:41:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(TEST_STRING), &len); data/xcb-imdkit-1.0.0/uthash/uthash.h:216:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). HASH_FIND(hh, head, findstr, strlen(findstr), out) data/xcb-imdkit-1.0.0/uthash/uthash.h:218:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). HASH_ADD(hh, head, strfield, strlen(add->strfield), add) ANALYSIS SUMMARY: Hits = 185 Lines analyzed = 46889 in approximately 2.27 seconds (20678 lines/second) Physical Source Lines of Code (SLOC) = 42015 Hits@level = [0] 244 [1] 41 [2] 134 [3] 1 [4] 9 [5] 0 Hits@level+ = [0+] 429 [1+] 185 [2+] 144 [3+] 10 [4+] 9 [5+] 0 Hits/KSLOC@level+ = [0+] 10.2106 [1+] 4.40319 [2+] 3.42735 [3+] 0.23801 [4+] 0.214209 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.