The following issues were found
src/csvparser.h
2 issues
Line: 89
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
private:
bool m_bTrimFields;
char m_cFieldSeparator[4];
char m_cQuoteChar[4];
int m_iNumExtraBytesFieldSeparator;
int m_iNumExtraBytesQuoteChar;
CSVProgress* m_pCSVProgress;
Reported by FlawFinder.
Line: 90
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
private:
bool m_bTrimFields;
char m_cFieldSeparator[4];
char m_cQuoteChar[4];
int m_iNumExtraBytesFieldSeparator;
int m_iNumExtraBytesQuoteChar;
CSVProgress* m_pCSVProgress;
int64_t m_nBufferSize; //! internal buffer read size
Reported by FlawFinder.
src/ExportDataDialog.cpp
2 issues
Line: 113
Column: 13
CWE codes:
362
// Open file
QFile file(sFilename);
if(file.open(QIODevice::WriteOnly))
{
// Open text stream to the file
QTextStream stream(&file);
auto pDb = pdb.get(tr("exporting CSV"));
Reported by FlawFinder.
Line: 202
Column: 13
CWE codes:
362
{
// Open file
QFile file(sFilename);
if(file.open(QIODevice::WriteOnly))
{
auto pDb = pdb.get(tr("exporting JSON"));
sqlite3_stmt* stmt;
int status = sqlite3_prepare_v2(pDb.get(), sQuery.c_str(), static_cast<int>(sQuery.size()), &stmt, nullptr);
Reported by FlawFinder.
src/sql/parser/sqlite3_lexer.cpp
2 issues
Line: 1462
Column: 14
CWE codes:
120
20
int c = '*'; \
int n; \
for ( n = 0; n < max_size && \
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
buf[n] = (char) c; \
if ( c == '\n' ) \
buf[n++] = (char) c; \
if ( c == EOF && ferror( yyin ) ) \
YY_FATAL_ERROR( "input in flex scanner failed" ); \
Reported by FlawFinder.
Line: 3180
Column: 37
CWE codes:
126
/** Setup the input buffer state to scan a NUL-terminated string.
 * @param yystr     NUL-terminated text to scan; must not be nullptr, since strlen is
 *                  applied to it without a check (this is the caller's contract).
 * @param yyscanner reentrant scanner handle, passed through unchanged to yy_scan_bytes.
 * @return the buffer state created by yy_scan_bytes.
 * @note yy_scan_bytes takes an int length, so the strlen result is narrowed here;
 *       a string longer than INT_MAX would be truncated by that conversion.
 */
YY_BUFFER_STATE yy_scan_string (const char * yystr , yyscan_t yyscanner)
{
	const size_t textLen = strlen(yystr);
	return yy_scan_bytes(yystr, static_cast<int>(textLen), yyscanner);
}
/* %endif */
/* %if-c-only */
/** Setup the input buffer state to scan the given bytes. The next call to yylex() will
Reported by FlawFinder.
libs/qscintilla/Qt4Qt5/ListBoxQt.cpp
2 issues
Line: 318
Column: 45
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
if (numword)
*numword = '\0';
Append(startword, numword ? atoi(numword + 1) : -1);
startword = words + i + 1;
numword = NULL;
}
else if (words[i] == typesep)
Reported by FlawFinder.
Line: 334
Column: 41
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
if (numword)
*numword = '\0';
Append(startword, numword ? atoi(numword + 1) : -1);
}
delete[] words;
}
}
Reported by FlawFinder.
libs/qscintilla/Qt4Qt5/qscimacro.cpp
2 issues
Line: 188
Column: 17
CWE codes:
134
Suggestion:
Make format string constant
unsigned len = (*it).text.size();
QString m;
ms += m.sprintf("%u %lu %u", (*it).msg, (*it).wParam, len);
if (len)
{
// In Qt v3, if the length is greater than zero then it also
// includes the '\0', so we need to make sure that Qt v4 writes the
Reported by FlawFinder.
Line: 215
Column: 31
CWE codes:
134
Suggestion:
Make format string constant
{
QString buf;
ms += buf.sprintf("\\%02x", ch);
}
else
ms += ch;
}
}
Reported by FlawFinder.
libs/qscintilla/Qt4Qt5/qscicommandset.cpp
2 issues
Line: 894
Column: 14
CWE codes:
134
Suggestion:
Make format string constant
{
QsciCommand *cmd = cmds.at(i);
skey.sprintf("%s/keymap/c%d/", prefix,
static_cast<int>(cmd->command()));
int key;
bool ok;
Reported by FlawFinder.
Line: 933
Column: 14
CWE codes:
134
Suggestion:
Make format string constant
{
QsciCommand *cmd = cmds.at(i);
skey.sprintf("%s/keymap/c%d/", prefix,
static_cast<int>(cmd->command()));
// Write the key.
qs.setValue(skey + "key", cmd->key());
Reported by FlawFinder.
src/tests/TestImport.cpp
2 issues
Line: 12
#include "csvparser.h"
#include "TestImport.h"
// Qt Test macro that expands to the test executable's main(), running the TestImport object.
QTEST_MAIN(TestImport)
// Constructs the TestImport fixture. The body is intentionally empty: no per-object
// setup happens here, so any fixture state must come from the test slots themselves.
TestImport::TestImport()
{
}
Reported by Cppcheck.
Line: 34
Column: 18
CWE codes:
362
// Create temporary CSV file
QTemporaryFile file;
QVERIFY(file.open());
{
QTextStream out(&file);
out.setCodec(encoding.toUtf8());
out << csv;
}
Reported by FlawFinder.
libs/qscintilla/lexlib/LexerBase.cpp
2 issues
Line: 65
Column: 36
CWE codes:
126
/** Store a lexer property, reporting whether the stored value changed.
 * @param key NUL-terminated property name.
 * @param val NUL-terminated new value.
 * @return 0 when the value differed from the stored one and was written, -1 when it was identical.
 * @note Both arguments and the value returned by props.Get() are passed straight to
 *       strcmp/strlen, so they are assumed non-null and NUL-terminated — TODO confirm
 *       that props.Get() never yields nullptr for an unknown key.
 */
Sci_Position SCI_METHOD LexerBase::PropertySet(const char *key, const char *val) {
	const char *previous = props.Get(key);
	const bool unchanged = strcmp(val, previous) == 0;
	if (unchanged) {
		// Nothing to write; signal "no change" to the caller.
		return -1;
	}
	props.Set(key, val, strlen(key), strlen(val));
	return 0;
}
Reported by FlawFinder.
Line: 65
Column: 23
CWE codes:
126
/** Store a lexer property, reporting whether the stored value changed.
 * @param key NUL-terminated property name.
 * @param val NUL-terminated new value.
 * @return 0 when the value differed from the stored one and was written, -1 when it was identical.
 * @note Both arguments and the value returned by props.Get() are passed straight to
 *       strcmp/strlen, so they are assumed non-null and NUL-terminated — TODO confirm
 *       that props.Get() never yields nullptr for an unknown key.
 */
Sci_Position SCI_METHOD LexerBase::PropertySet(const char *key, const char *val) {
	const char *previous = props.Get(key);
	const bool unchanged = strcmp(val, previous) == 0;
	if (unchanged) {
		// Nothing to write; signal "no change" to the caller.
		return -1;
	}
	props.Set(key, val, strlen(key), strlen(val));
	return 0;
}
Reported by FlawFinder.
libs/qscintilla/lexlib/OptionSet.h
2 issues
Line: 44
Column: 20
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
bool Set(T *base, const char *val) const {
switch (opType) {
case SC_TYPE_BOOLEAN: {
bool option = atoi(val) != 0;
if ((*base).*pb != option) {
(*base).*pb = option;
return true;
}
break;
Reported by FlawFinder.
Line: 52
Column: 19
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
break;
}
case SC_TYPE_INTEGER: {
int option = atoi(val);
if ((*base).*pi != option) {
(*base).*pi = option;
return true;
}
break;
Reported by FlawFinder.
libs/qscintilla/lexlib/LexAccessor.h
2 issues
Line: 24
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* @a slopSize positions the buffer before the desired position
* in case there is some backtracking. */
enum {bufferSize=4000, slopSize=bufferSize/8};
char buf[bufferSize+1];
Sci_Position startPos;
Sci_Position endPos;
int codePage;
enum EncodingType encodingType;
Sci_Position lenDoc;
Reported by FlawFinder.
Line: 30
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int codePage;
enum EncodingType encodingType;
Sci_Position lenDoc;
char styleBuf[bufferSize];
Sci_Position validLen;
Sci_PositionU startSeg;
Sci_Position startPosStyling;
int documentVersion;
Reported by FlawFinder.