The following issues were found
src/ccutil/mainblk.cpp
2 issues
Line: 47
Column: 27
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
void CCUtil::main_setup(const std::string &argv0, const std::string &basename) {
imagebasename = basename; /**< name of image */
char *tessdata_prefix = getenv("TESSDATA_PREFIX");
if (!argv0.empty()) {
/* Use tessdata prefix from the command line. */
datadir = argv0;
} else if (tessdata_prefix) {
Reported by FlawFinder.
Line: 58
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#if defined(_WIN32)
} else if (datadir.empty() || _access(datadir.c_str(), 0) != 0) {
/* Look for tessdata in directory of executable. */
char path[_MAX_PATH];
DWORD length = GetModuleFileName(nullptr, path, sizeof(path));
if (length > 0 && length < sizeof(path)) {
char *separator = std::strrchr(path, '\\');
if (separator != nullptr) {
*separator = '\0';
Reported by FlawFinder.
unittest/pagesegmode_test.cc
2 issues
Line: 87
// Tests the single-word segmentation mode, and that it performs correctly
// and differently to line and block mode.
TEST_F(PageSegModeTest, WordTest) {
std::string filename = file::JoinPath(TESTING_DIR, "segmodeimg.tif");
if (!file_exists(filename.c_str())) {
LOG(INFO) << "Skip test because of missing " << filename << '\n';
GTEST_SKIP();
} else {
Reported by Cppcheck.
Line: 32
Column: 10
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
#if defined(_WIN32)
return _access(filename, 0) == 0;
#else
return access(filename, 0) == 0;
#endif
}
// The fixture for testing Tesseract.
class PageSegModeTest : public testing::Test {
Reported by FlawFinder.
src/ccutil/unicity_table.h
2 issues
Line: 119
Column: 8
CWE codes:
120
20
bool write(FILE *f, std::function<bool(FILE *, const T &)> cb) const {
return table_.write(f, cb);
}
bool read(tesseract::TFile *f, std::function<bool(tesseract::TFile *, T *)> cb) {
return table_.read(f, cb);
}
private:
GenericVector<T> table_;
Reported by FlawFinder.
Line: 120
Column: 19
CWE codes:
120
20
return table_.write(f, cb);
}
bool read(tesseract::TFile *f, std::function<bool(tesseract::TFile *, T *)> cb) {
return table_.read(f, cb);
}
private:
GenericVector<T> table_;
};
Reported by FlawFinder.
src/api/renderer.cpp
2 issues
Line: 42
Column: 13
CWE codes:
362
, happy_(true) {
if (strcmp(outputbase, "-") && strcmp(outputbase, "stdout")) {
std::string outfile = std::string(outputbase) + "." + extension;
fout_ = fopen(outfile.c_str(), "wb");
if (fout_ == nullptr) {
happy_ = false;
}
}
}
Reported by FlawFinder.
Line: 112
Column: 17
CWE codes:
126
}
void TessResultRenderer::AppendString(const char *s) {
AppendData(s, strlen(s));
}
void TessResultRenderer::AppendData(const char *s, int len) {
if (!tesseract::Serialize(fout_, s, len)) {
happy_ = false;
Reported by FlawFinder.
src/classify/normmatch.cpp
2 issues
Line: 174
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* @return Character normalization protos.
*/
NORM_PROTOS *Classify::ReadNormProtos(TFile *fp) {
char unichar[2 * UNICHAR_LEN + 1];
UNICHAR_ID unichar_id;
LIST Protos;
int NumProtos;
/* allocate and initialization data structure */
Reported by FlawFinder.
Line: 188
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* read protos for each class into a separate list */
const int kMaxLineSize = 100;
char line[kMaxLineSize];
while (fp->FGets(line, kMaxLineSize) != nullptr) {
std::istringstream stream(line);
stream.imbue(std::locale::classic());
stream >> unichar >> NumProtos;
if (stream.fail()) {
Reported by FlawFinder.
unittest/tatweel_test.cc
2 issues
Line: 68
UNICHARSET unicharset_;
};
TEST_F(TatweelTest, UnicharsetIgnoresTatweel) {
// This test verifies that the unicharset ignores the Tatweel character.
for (int i = 0; i < unicharset_.size(); ++i) {
const char *utf8 = unicharset_.id_to_unichar(i);
EXPECT_EQ(strstr(utf8, reinterpret_cast<const char *>(u8"\u0640")), nullptr);
}
Reported by Cppcheck.
Line: 31
Column: 10
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
#if defined(_WIN32)
return _access(filename, 0) == 0;
#else
return access(filename, 0) == 0;
#endif
}
class TatweelTest : public ::testing::Test {
protected:
Reported by FlawFinder.
unittest/tfile_test.cc
2 issues
Line: 150
};
};
TEST_F(TfileTest, Serialize) {
// This test verifies that Tfile can serialize a class.
MathData m1;
m1.Setup();
std::vector<char> data;
TFile fpw;
Reported by Cppcheck.
Line: 188
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
EXPECT_TRUE(m2.DeSerialize(&fpr));
m1.ExpectEq(m2);
const int kBufsize = 1024;
char buffer[kBufsize + 1];
EXPECT_EQ(buffer, fpr.FGets(buffer, kBufsize));
EXPECT_STREQ(line_str.c_str(), buffer);
MathData m3;
EXPECT_TRUE(m3.DeSerialize(&fpr));
m1.ExpectEq(m3);
Reported by FlawFinder.
src/dict/dawg.cpp
2 issues
Line: 73
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
FILE *word_file;
char string[CHARS_PER_LINE];
int misses = 0;
UNICHAR_ID wildcard = unicharset.unichar_to_id(kWildcard);
word_file = fopen(filename, "r");
if (word_file == nullptr) {
Reported by FlawFinder.
Line: 77
Column: 15
CWE codes:
362
int misses = 0;
UNICHAR_ID wildcard = unicharset.unichar_to_id(kWildcard);
word_file = fopen(filename, "r");
if (word_file == nullptr) {
tprintf("Error: Could not open file %s\n", filename);
ASSERT_HOST(word_file);
}
Reported by FlawFinder.
src/ccmain/control.cpp
2 issues
Line: 122
Column: 27
CWE codes:
362
if (word_box.major_overlap(target_word_box)) {
if (backup_config_file_ == nullptr) {
backup_config_file_ = kBackUpConfigFile;
FILE *config_fp = fopen(backup_config_file_, "wb");
if (config_fp == nullptr) {
tprintf("Error, failed to open file \"%s\"\n", backup_config_file_);
} else {
ParamUtils::PrintParams(config_fp, params());
fclose(config_fp);
Reported by FlawFinder.
Line: 1711
Column: 7
CWE codes:
126
int hyphen_pos = -1;
ACCEPTABLE_WERD_TYPE word_type = AC_UNACCEPTABLE;
if (strlen(lengths) > 20) {
return word_type;
}
/* Single Leading punctuation char*/
Reported by FlawFinder.
src/ccmain/paragraphs.cpp
2 issues
Line: 517
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void RowScratchRegisters::AppendDebugInfo(const ParagraphTheory &theory,
std::vector<std::string> &dbg) const {
char s[30];
snprintf(s, sizeof(s), "[%3d,%3d;%3d,%3d]", lmargin_, lindent_, rindent_, rmargin_);
dbg.emplace_back(s);
std::string model_string;
model_string += static_cast<char>(GetLineType());
model_string += ":";
Reported by FlawFinder.
Line: 2499
Column: 25
CWE codes:
126
}
info->text = "";
const std::unique_ptr<const char[]> text(it.GetUTF8Text(RIL_TEXTLINE));
int trailing_ws_idx = strlen(text.get()); // strip trailing space
while (trailing_ws_idx > 0 &&
// isspace() only takes ASCII
isascii(text[trailing_ws_idx - 1]) && isspace(text[trailing_ws_idx - 1])) {
trailing_ws_idx--;
}
Reported by FlawFinder.