The following issues were found
Userland/Applications/SystemMonitor/GraphWidget.h
2 issues
Line: 14
#include <LibGfx/SystemTheme.h>
class GraphWidget final : public GUI::Frame {
C_OBJECT(GraphWidget)
public:
virtual ~GraphWidget() override;
void set_max(int max) { m_max = max; }
int max() const { return m_max; }
Reported by Cppcheck.
Line: 14
#include <LibGfx/SystemTheme.h>
class GraphWidget final : public GUI::Frame {
C_OBJECT(GraphWidget)
public:
virtual ~GraphWidget() override;
void set_max(int max) { m_max = max; }
int max() const { return m_max; }
Reported by Cppcheck.
Userland/DevTools/HackStudio/ClassViewWidget.h
2 issues
Line: 18
namespace HackStudio {
class ClassViewWidget final : public GUI::Widget {
C_OBJECT(ClassViewWidget)
public:
virtual ~ClassViewWidget() override { }
ClassViewWidget();
void refresh();
Reported by Cppcheck.
Line: 18
namespace HackStudio {
class ClassViewWidget final : public GUI::Widget {
C_OBJECT(ClassViewWidget)
public:
virtual ~ClassViewWidget() override { }
ClassViewWidget();
void refresh();
Reported by Cppcheck.
Kernel/Syscalls/sigaction.cpp
2 issues
Line: 98
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
stack_ptr++;
//pop edi, esi, ebp, esp, ebx, edx, ecx and eax
memcpy(®isters.edi, stack_ptr, 8 * sizeof(FlatPtr));
stack_ptr += 8;
registers.eip = *stack_ptr;
stack_ptr++;
Reported by FlawFinder.
Line: 121
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
stack_ptr++;
//pop rdi, rsi, rbp, rsp, rbx, rdx, rcx, rax, r8, r9, r10, r11, r12, r13, r14 and r15
memcpy(®isters.rdi, stack_ptr, 16 * sizeof(FlatPtr));
stack_ptr += 16;
registers.rip = *stack_ptr;
stack_ptr++;
Reported by FlawFinder.
Userland/Applications/Spreadsheet/Workbook.cpp
2 issues
Line: 48
Column: 38
CWE codes:
362
Result<bool, String> Workbook::load(const StringView& filename)
{
auto file_or_error = Core::File::open(filename, Core::OpenMode::ReadOnly);
if (file_or_error.is_error()) {
StringBuilder sb;
sb.append("Failed to open ");
sb.append(filename);
sb.append(" for reading. Error: ");
Reported by FlawFinder.
Line: 77
Column: 11
CWE codes:
362
{
auto mime = Core::guess_mime_type_based_on_filename(filename);
auto file = Core::File::construct(filename);
file->open(Core::OpenMode::WriteOnly);
if (!file->is_open()) {
StringBuilder sb;
sb.append("Failed to open ");
sb.append(filename);
sb.append(" for write. Error: ");
Reported by FlawFinder.
Kernel/FileSystem/DevPtsFS.h
2 issues
Line: 59
Column: 21
CWE codes:
362
Suggestion:
Use fchmod( ) instead
virtual KResultOr<NonnullRefPtr<Inode>> create_child(StringView name, mode_t, dev_t, uid_t, gid_t) override;
virtual KResult add_child(Inode&, const StringView& name, mode_t) override;
virtual KResult remove_child(const StringView& name) override;
virtual KResult chmod(mode_t) override;
virtual KResult chown(uid_t, gid_t) override;
WeakPtr<SlavePTY> m_pty;
InodeMetadata m_metadata;
};
Reported by FlawFinder.
Line: 60
Column: 21
CWE codes:
362
Suggestion:
Use fchown( ) instead
virtual KResult add_child(Inode&, const StringView& name, mode_t) override;
virtual KResult remove_child(const StringView& name) override;
virtual KResult chmod(mode_t) override;
virtual KResult chown(uid_t, gid_t) override;
WeakPtr<SlavePTY> m_pty;
InodeMetadata m_metadata;
};
Reported by FlawFinder.
Userland/Libraries/LibC/syslog.cpp
2 issues
Line: 103
Column: 6
CWE codes:
134
Suggestion:
Use a constant format string for syslog
va_end(ap);
}
void syslog(int priority, const char* message, ...)
{
va_list ap;
va_start(ap, message);
vsyslog_r(priority, &global_log_data, message, ap);
va_end(ap);
Reported by FlawFinder.
Line: 34
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Used when ident is null, since syslog traditionally prints the program's
// own name; the process name will always be the same unless we exec.
static char program_name_buffer[256];
static bool program_name_set = false;
// Convenience function for initialization and checking what string to use
// for the program name.
static const char* get_syslog_ident(struct syslog_data* data)
Reported by FlawFinder.
Userland/Applications/SpaceAnalyzer/TreeMapWidget.h
2 issues
Line: 31
};
class TreeMapWidget final : public GUI::Frame {
C_OBJECT(TreeMapWidget)
public:
virtual ~TreeMapWidget() override;
Function<void()> on_path_change;
Function<void(GUI::ContextMenuEvent&)> on_context_menu_request;
Reported by Cppcheck.
Line: 31
};
class TreeMapWidget final : public GUI::Frame {
C_OBJECT(TreeMapWidget)
public:
virtual ~TreeMapWidget() override;
Function<void()> on_path_change;
Function<void(GUI::ContextMenuEvent&)> on_context_menu_request;
Reported by Cppcheck.
Kernel/Syscalls/chmod.cpp
2 issues
Line: 20
Column: 37
CWE codes:
362
Suggestion:
Use fchmod( ) instead
auto path = get_syscall_path_argument(user_path, path_length);
if (path.is_error())
return path.error();
return VirtualFileSystem::the().chmod(path.value()->view(), mode, current_directory());
}
KResultOr<FlatPtr> Process::sys$fchmod(int fd, mode_t mode)
{
VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
Reported by FlawFinder.
Line: 30
Column: 25
CWE codes:
362
Suggestion:
Use fchmod( ) instead
auto description = fds().file_description(fd);
if (!description)
return EBADF;
return description->chmod(mode);
}
}
Reported by FlawFinder.
Userland/Libraries/LibC/sys/mman.cpp
2 issues
Line: 18
Column: 112
CWE codes:
126
void* serenity_mmap(void* addr, size_t size, int prot, int flags, int fd, off_t offset, size_t alignment, const char* name)
{
Syscall::SC_mmap_params params { (uintptr_t)addr, size, alignment, prot, flags, fd, offset, { name, name ? strlen(name) : 0 } };
ptrdiff_t rc = syscall(SC_mmap, ¶ms);
if (rc < 0 && rc > -EMAXERRNO) {
errno = -rc;
return MAP_FAILED;
}
Reported by FlawFinder.
Line: 66
Column: 67
CWE codes:
126
errno = EFAULT;
return -1;
}
Syscall::SC_set_mmap_name_params params { addr, size, { name, strlen(name) } };
int rc = syscall(SC_set_mmap_name, ¶ms);
__RETURN_WITH_ERRNO(rc, rc, -1);
}
int madvise(void* address, size_t size, int advice)
Reported by FlawFinder.
Userland/Libraries/LibC/sys/stat.h
2 issues
Line: 17
Column: 5
CWE codes:
362
Suggestion:
Use fchmod( ) instead
__BEGIN_DECLS
mode_t umask(mode_t);
int chmod(const char* pathname, mode_t);
int fchmod(int fd, mode_t);
int mkdir(const char* pathname, mode_t);
int mkfifo(const char* pathname, mode_t);
int fstat(int fd, struct stat* statbuf);
int lstat(const char* path, struct stat* statbuf);
Reported by FlawFinder.
Line: 16
Column: 8
CWE codes:
732
__BEGIN_DECLS
mode_t umask(mode_t);
int chmod(const char* pathname, mode_t);
int fchmod(int fd, mode_t);
int mkdir(const char* pathname, mode_t);
int mkfifo(const char* pathname, mode_t);
int fstat(int fd, struct stat* statbuf);
Reported by FlawFinder.