The following issues were found

Userland/Applications/HexEditor/HexEditor.h
3 issues
There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 21 

              #include <LibGfx/TextAlignment.h>

class HexEditor : public GUI::AbstractScrollableWidget {
    C_OBJECT(HexEditor)
public:
    enum EditMode {
        Hex,
        Text
    };

Reported by Cppcheck.

There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 21 

              #include <LibGfx/TextAlignment.h>

class HexEditor : public GUI::AbstractScrollableWidget {
    C_OBJECT(HexEditor)
public:
    enum EditMode {
        Hex,
        Text
    };

Reported by Cppcheck.

There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 21 

              #include <LibGfx/TextAlignment.h>

class HexEditor : public GUI::AbstractScrollableWidget {
    C_OBJECT(HexEditor)
public:
    enum EditMode {
        Hex,
        Text
    };

Reported by Cppcheck.

Userland/Libraries/LibCore/IODevice.h
3 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 88 Column: 18 CWE codes: 362 

              
    bool seek(i64, SeekMode = SeekMode::SetPosition, off_t* = nullptr);

    virtual bool open(OpenMode) = 0;
    virtual bool close();

    LineIterator line_begin() & { return LineIterator(*this); }
    LineIterator line_end() { return LineIterator(*this, true); }

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 71 Column: 9 CWE codes: 120 20 

              
    bool has_error() const { return m_error != 0; }

    int read(u8* buffer, int length);

    ByteBuffer read(size_t max_size);
    ByteBuffer read_all();
    String read_line(size_t max_size = 16384);

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 73 Column: 16 CWE codes: 120 20 

              
    int read(u8* buffer, int length);

    ByteBuffer read(size_t max_size);
    ByteBuffer read_all();
    String read_line(size_t max_size = 16384);

    bool write(const u8*, int size);
    bool write(const StringView&);

Reported by FlawFinder.

Userland/Libraries/LibCore/File.h
3 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 22 Column: 49 CWE codes: 362 

              public:
    virtual ~File() override;

    static Result<NonnullRefPtr<File>, OSError> open(String filename, OpenMode, mode_t = 0644);

    String filename() const { return m_filename; }
    void set_filename(const String filename) { m_filename = move(filename); }

    bool is_directory() const;

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 80 Column: 18 CWE codes: 362 

                  };
    static Result<void, RemoveError> remove(String const& path, RecursionMode, bool force);

    virtual bool open(OpenMode) override;

    enum class ShouldCloseFileDescriptor {
        No = 0,
        Yes
    };

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 86 Column: 10 CWE codes: 362 

                      No = 0,
        Yes
    };
    bool open(int fd, OpenMode, ShouldCloseFileDescriptor);
    [[nodiscard]] int leak_fd();

    static NonnullRefPtr<File> standard_input();
    static NonnullRefPtr<File> standard_output();
    static NonnullRefPtr<File> standard_error();

Reported by FlawFinder.

Userland/Libraries/LibCoreDump/Reader.cpp
3 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 81 Column: 89 CWE codes: 126 

                  switch (type()) {
    case ELF::Core::NotesEntryHeader::Type::ProcessInfo: {
        const auto* current = reinterpret_cast<const ELF::Core::ProcessInfo*>(m_current);
        m_current = reinterpret_cast<const ELF::Core::NotesEntry*>(current->json_data + strlen(current->json_data) + 1);
        break;
    }
    case ELF::Core::NotesEntryHeader::Type::ThreadInfo: {
        const auto* current = reinterpret_cast<const ELF::Core::ThreadInfo*>(m_current);
        m_current = reinterpret_cast<const ELF::Core::NotesEntry*>(current + 1);

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 91 Column: 91 CWE codes: 126 

                  }
    case ELF::Core::NotesEntryHeader::Type::MemoryRegionInfo: {
        const auto* current = reinterpret_cast<const ELF::Core::MemoryRegionInfo*>(m_current);
        m_current = reinterpret_cast<const ELF::Core::NotesEntry*>(current->region_name + strlen(current->region_name) + 1);
        break;
    }
    case ELF::Core::NotesEntryHeader::Type::Metadata: {
        const auto* current = reinterpret_cast<const ELF::Core::Metadata*>(m_current);
        m_current = reinterpret_cast<const ELF::Core::NotesEntry*>(current->json_data + strlen(current->json_data) + 1);

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 96 Column: 89 CWE codes: 126 

                  }
    case ELF::Core::NotesEntryHeader::Type::Metadata: {
        const auto* current = reinterpret_cast<const ELF::Core::Metadata*>(m_current);
        m_current = reinterpret_cast<const ELF::Core::NotesEntry*>(current->json_data + strlen(current->json_data) + 1);
        break;
    }
    default:
        VERIFY_NOT_REACHED();
    }

Reported by FlawFinder.

Userland/Applications/Help/ManualSectionNode.cpp
3 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 41 Column: 39 CWE codes: 362 

                      m_children.append(make<ManualPageNode>(*this, move(page_name)));
}

void ManualSectionNode::set_open(bool open)
{
    if (m_open == open)
        return;
    m_open = open;
}

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 43 Column: 19 CWE codes: 362 

              
void ManualSectionNode::set_open(bool open)
{
    if (m_open == open)
        return;
    m_open = open;
}

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 45 Column: 14 CWE codes: 362 

              {
    if (m_open == open)
        return;
    m_open = open;
}

Reported by FlawFinder.

Userland/Applications/Help/main.cpp
3 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 181 Column: 72 CWE codes: 362 

                      open_page(path);
    };

    tree_view.on_toggle = [&](const GUI::ModelIndex& index, const bool open) {
        model->update_section_node_on_toggle(index, open);
    };

    auto open_external = [&](auto& url) {
        if (!Desktop::Launcher::open(url)) {

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 182 Column: 53 CWE codes: 362 

                  };

    tree_view.on_toggle = [&](const GUI::ModelIndex& index, const bool open) {
        model->update_section_node_on_toggle(index, open);
    };

    auto open_external = [&](auto& url) {
        if (!Desktop::Launcher::open(url)) {
            GUI::MessageBox::show(window,

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 186 Column: 33 CWE codes: 362 

                  };

    auto open_external = [&](auto& url) {
        if (!Desktop::Launcher::open(url)) {
            GUI::MessageBox::show(window,
                String::formatted("The link to '{}' could not be opened.", url),
                "Failed to open link",
                GUI::MessageBox::Type::Error);
        }

Reported by FlawFinder.

Userland/Libraries/LibCore/DirIterator.cpp
3 issues
access - This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition
Security

Line: 91 Column: 13 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly 

              String find_executable_in_path(String filename)
{
    if (filename.starts_with('/')) {
        if (access(filename.characters(), X_OK) == 0)
            return filename;

        return {};
    }

Reported by FlawFinder.

access - This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition
Security

Line: 100 Column: 13 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly 

                  for (auto directory : String { getenv("PATH") }.split(':')) {
        auto fullpath = String::formatted("{}/{}", directory, filename);

        if (access(fullpath.characters(), X_OK) == 0)
            return fullpath;
    }

    return {};
}

Reported by FlawFinder.

getenv - Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once
Security

Line: 97 Column: 36 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them 

                      return {};
    }

    for (auto directory : String { getenv("PATH") }.split(':')) {
        auto fullpath = String::formatted("{}/{}", directory, filename);

        if (access(fullpath.characters(), X_OK) == 0)
            return fullpath;
    }

Reported by FlawFinder.

Userland/Libraries/LibCrypt/crypt.cpp
3 issues
crypt - The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment
Security

Line: 18 Column: 7 CWE codes: 327
Suggestion: Use a different algorithm, such as SHA-256, with a larger, non-repeating salt 

              
static struct crypt_data crypt_data;

char* crypt(const char* key, const char* salt)
{
    crypt_data.initialized = true;
    return crypt_r(key, salt, &crypt_data);
}

Reported by FlawFinder.

crypt_r - The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment
Security

Line: 21 Column: 12 CWE codes: 327
Suggestion: Use a different algorithm, such as SHA-256, with a larger, non-repeating salt 

              char* crypt(const char* key, const char* salt)
{
    crypt_data.initialized = true;
    return crypt_r(key, salt, &crypt_data);
}

static constexpr size_t crypt_salt_max = 16;
static constexpr size_t sha_string_length = 44;

Reported by FlawFinder.

crypt_r - The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment
Security

Line: 27 Column: 7 CWE codes: 327
Suggestion: Use a different algorithm, such as SHA-256, with a larger, non-repeating salt 

              static constexpr size_t crypt_salt_max = 16;
static constexpr size_t sha_string_length = 44;

char* crypt_r(const char* key, const char* salt, struct crypt_data* data)
{
    if (!data->initialized) {
        errno = EINVAL;
        return nullptr;
    }

Reported by FlawFinder.

Userland/Libraries/LibCore/ConfigFile.cpp
3 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 37 Column: 39 CWE codes: 362 

                  return adopt_ref(*new ConfigFile(path));
}

NonnullRefPtr<ConfigFile> ConfigFile::open(const String& path)
{
    return adopt_ref(*new ConfigFile(path));
}

ConfigFile::ConfigFile(const String& filename)

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 58 Column: 16 CWE codes: 362 

                  m_groups.clear();

    auto file = File::construct(m_filename);
    if (!file->open(OpenMode::ReadOnly))
        return;

    HashMap<String, String>* current_group = nullptr;

    while (file->can_read_line()) {

Reported by FlawFinder.

fopen - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 152 Column: 16 CWE codes: 362 

                  if (!m_dirty)
        return true;

    FILE* fp = fopen(m_filename.characters(), "wb");
    if (!fp)
        return false;

    for (auto& it : m_groups) {
        outln(fp, "[{}]", it.key);

Reported by FlawFinder.

Userland/Applications/KeyboardMapper/KeyButton.h
3 issues
There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 12 

              #include <LibGUI/AbstractButton.h>

class KeyButton : public GUI::AbstractButton {
    C_OBJECT(KeyButton)

public:
    virtual ~KeyButton() override;

    void set_pressed(bool value) { m_pressed = value; }

Reported by Cppcheck.

There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 12 

              #include <LibGUI/AbstractButton.h>

class KeyButton : public GUI::AbstractButton {
    C_OBJECT(KeyButton)

public:
    virtual ~KeyButton() override;

    void set_pressed(bool value) { m_pressed = value; }

Reported by Cppcheck.

There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 12 

              #include <LibGUI/AbstractButton.h>

class KeyButton : public GUI::AbstractButton {
    C_OBJECT(KeyButton)

public:
    virtual ~KeyButton() override;

    void set_pressed(bool value) { m_pressed = value; }

Reported by Cppcheck.