The following issues were found

src/wallet/salvage.cpp
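1 issue
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Triage note: the flagged call in the excerpt below is the `open` method of a `Db` object (`pdbCopy->open(...)`), not a direct open(2) call, so the match is on the method name. It is called with `DB_CREATE`, so what remains to review is whether `filename` or the directory holding it can be influenced by anyone other than the wallet owner.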
Security

Line: 123 Column: 24 CWE codes: 362

                  }

    std::unique_ptr<Db> pdbCopy = std::make_unique<Db>(env->dbenv.get(), 0);
    int ret = pdbCopy->open(nullptr,               // Txn pointer
                            filename.c_str(),   // Filename
                            "main",             // Logical db name
                            DB_BTREE,           // Database type
                            DB_CREATE,          // Flags
                            0);

            

Reported by FlawFinder.

src/wallet/dump.cpp
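1 issue
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Triage note: the excerpt below opens `path` through an `fsbridge::ofstream`. The lines before it are cut off, so it is not visible here whether an existence check precedes the open. If one does, the check and the open are separate steps, which is the window CWE-362 describes; it matters mainly when the target directory is writable by other users.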
Security

Line: 29 Column: 15 CWE codes: 362

                      return false;
    }
    fsbridge::ofstream dump_file;
    dump_file.open(path);
    if (dump_file.fail()) {
        error = strprintf(_("Unable to open %s for writing"), path.string());
        return false;
    }


            

Reported by FlawFinder.

src/util/tokenpipe.cpp
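1 issue
read - Check buffer boundaries if used in a loop including recursive loops
Triage note: in the excerpt below the call is `read(m_fd, &token, 1)` with `token` declared as a single `uint8_t`, so the destination and the requested length are both one byte on every loop iteration. What is left to review is the return-value handling, which the excerpt shows only in part.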
Security

Line: 60 Column: 26 CWE codes: 120 20

              {
    uint8_t token;
    while (true) {
        ssize_t result = read(m_fd, &token, 1);
        if (result < 0) {
            // Failure. Check if the read was interrupted by a signal,
            // in that case retry.
            if (errno != EINTR) {
                return TS_ERR;

            

Reported by FlawFinder.

src/util/strencodings.h
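1 issue
atoi - Unless checked, the resulting number can exceed the expected range
Triage note: the excerpt below shows declarations (`int atoi(const std::string& str);`), not a call to the C library `atoi`, so the finding appears to be a name match on the project's own helper. The range question applies to that helper's implementation and its callers, which are not on this page.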
Security

Line: 70 Column: 5 CWE codes: 190
Suggestion: If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)

              
void SplitHostPort(std::string in, uint16_t& portOut, std::string& hostOut);
int64_t atoi64(const std::string& str);
int atoi(const std::string& str);

/**
 * Tests if the given character is a decimal digit.
 * @param[in] c     character to test
 * @return          true if the argument is a decimal digit; otherwise false.

            

Reported by FlawFinder.

src/leveldb/util/coding_test.cc
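1 issue
syntax error
Triage note: the excerpt below centres on a `TEST(Coding, Fixed32) {` macro use. Cppcheck commonly reports "syntax error" when it cannot expand such a macro because the header that defines it was not available to the analysis. That would make this a configuration artifact rather than a defect in the test; confirm by re-running with the project's include paths.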
Error

Line: 14

              
class Coding {};

TEST(Coding, Fixed32) {
  std::string s;
  for (uint32_t v = 0; v < 100000; v++) {
    PutFixed32(&s, v);
  }


            

Reported by Cppcheck.

src/rpc/blockchain.cpp
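1 issue
fopen - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Triage note: in the excerpt below the data is written to `temppath` and then moved into place with `fs::rename(temppath, path)`, which keeps a partially written file from appearing under the final name. The excerpt does not show a check that `fsbridge::fopen` succeeded before `file` is handed to `CAutoFile`, so confirm how a failed open is reported to the caller.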
Security

Line: 2565 Column: 26 CWE codes: 362

                          "move it out of the way first");
    }

    FILE* file{fsbridge::fopen(temppath, "wb")};
    CAutoFile afile{file, SER_DISK, CLIENT_VERSION};
    NodeContext& node = EnsureAnyNodeContext(request.context);
    UniValue result = CreateUTXOSnapshot(node, node.chainman->ActiveChainstate(), afile);
    fs::rename(temppath, path);


            

Reported by FlawFinder.

src/leveldb/util/cache_test.cc
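1 issue
syntax error
Triage note: the excerpt below centres on a `TEST(CacheTest, HitAndMiss) {` macro use. Cppcheck commonly reports "syntax error" when the header defining such a macro was not available to the analysis. That would make this a configuration artifact rather than a defect in the test; confirm by re-running with the project's include paths.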
Error

Line: 67

              };
CacheTest* CacheTest::current_;

TEST(CacheTest, HitAndMiss) {
  ASSERT_EQ(-1, Lookup(100));

  Insert(100, 101);
  ASSERT_EQ(101, Lookup(100));
  ASSERT_EQ(-1, Lookup(200));

            

Reported by Cppcheck.

src/util/hasher.h
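1 issue
memcpy - Does not check for buffer overflows when copying to destination
Triage note: in the excerpt below the destination is a `uint32_t` and the length is the constant 4, so the destination always holds the copy. The read starts at `key.begin()+4*hash_select`, and the `static_assert(hash_select <8, ...)` keeps it within bytes 0–31. The remaining condition is that `key` is at least 32 bytes long, which depends on its type (not shown here).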
Security

Line: 74 Column: 14 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

                  {
        static_assert(hash_select <8, "SignatureCacheHasher only has 8 hashes available.");
        uint32_t u;
        std::memcpy(&u, key.begin()+4*hash_select, 4);
        return u;
    }
};

struct BlockHasher

            

Reported by FlawFinder.

src/univalue/test/test_json.cpp
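1 issue
read - Check buffer boundaries if used in a loop including recursive loops
Triage note: the flagged call in the excerpt below is `val.read(...)`, a method of a `UniValue` object that is passed a `string` built from standard input. It is not the POSIX read(2) call, so the match is on the method name and no caller-supplied buffer or length is involved at this call site.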
Security

Line: 16 Column: 13 CWE codes: 120 20

              int main (int argc, char *argv[])
{
    UniValue val;
    if (val.read(string(istreambuf_iterator<char>(cin),
                        istreambuf_iterator<char>()))) {
        cout << val.write(1 /* prettyIndent */, 4 /* indentLevel */) << endl;
        return 0;
    } else {
        cerr << "JSON Parse Error." << endl;

            

Reported by FlawFinder.

src/univalue/test/no_nul.cpp
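1 issue
read - Check buffer boundaries if used in a loop including recursive loops
Triage note: the flagged call in the excerpt below is `val.read(buf + 3, 7)`, a method of a `UniValue` object and not the POSIX read(2) call. `buf` holds the 13-character literal "___[1,2,3]___" plus its terminator, so offset 3 with length 7 covers exactly "[1,2,3]" and stays inside the array.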
Security

Line: 7 Column: 16 CWE codes: 120 20

              {
    char buf[] = "___[1,2,3]___";
    UniValue val;
    return val.read(buf + 3, 7) ? 0 : 1;
}

            

Reported by FlawFinder.