The following issues were found
Userland/Applications/Run/RunWindow.h
2 issues
Line: 16
#include <LibGUI/Window.h>
class RunWindow final : public GUI::Window {
C_OBJECT(RunWindow)
public:
virtual ~RunWindow() override;
virtual void event(Core::Event&) override;
Reported by Cppcheck.
Line: 16
#include <LibGUI/Window.h>
class RunWindow final : public GUI::Window {
C_OBJECT(RunWindow)
public:
virtual ~RunWindow() override;
virtual void event(Core::Event&) override;
Reported by Cppcheck.
Userland/Libraries/LibC/syslog.cpp
2 issues
Line: 103
Column: 6
CWE codes:
134
Suggestion:
Use a constant format string for syslog
va_end(ap);
}
void syslog(int priority, const char* message, ...)
{
va_list ap;
va_start(ap, message);
vsyslog_r(priority, &global_log_data, message, ap);
va_end(ap);
Reported by FlawFinder.
Line: 34
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Used when ident is null, since syslog traditionally prints the program's
// own name; the process name will always be the same unless we exec.
static char program_name_buffer[256];
static bool program_name_set = false;
// Convenience function for initialization and checking what string to use
// for the program name.
static const char* get_syslog_ident(struct syslog_data* data)
Reported by FlawFinder.
Kernel/Storage/StorageDevice.cpp
2 issues
Line: 40
Column: 34
CWE codes:
120
20
return m_storage_controller;
}
KResultOr<size_t> StorageDevice::read(FileDescription&, u64 offset, UserOrKernelBuffer& outbuf, size_t len)
{
unsigned index = offset / block_size();
u16 whole_blocks = len / block_size();
size_t remaining = len % block_size();
Reported by FlawFinder.
Line: 165
Column: 20
CWE codes:
120
20
}
}
if (!inbuf.read(data.data(), pos, remaining))
return EFAULT;
{
auto write_request = make_request<AsyncBlockDeviceRequest>(AsyncBlockDeviceRequest::Write, index + whole_blocks, 1, data_buffer, block_size());
auto result = write_request->wait();
Reported by FlawFinder.
Userland/Applications/PixelPaint/CreateNewImageDialog.h
2 issues
Line: 14
namespace PixelPaint {
class CreateNewImageDialog final : public GUI::Dialog {
C_OBJECT(CreateNewImageDialog)
public:
Gfx::IntSize const& image_size() const { return m_image_size; }
String const& image_name() const { return m_image_name; }
Reported by Cppcheck.
Line: 14
namespace PixelPaint {
class CreateNewImageDialog final : public GUI::Dialog {
C_OBJECT(CreateNewImageDialog)
public:
Gfx::IntSize const& image_size() const { return m_image_size; }
String const& image_name() const { return m_image_name; }
Reported by Cppcheck.
Kernel/Bus/VirtIO/VirtIOConsole.cpp
2 issues
Line: 209
Column: 74
CWE codes:
362
supply_chain_and_notify(CONTROL_TRANSMITQ, chain);
}
void VirtIOConsole::send_open_control_message(unsigned port_number, bool open)
{
ControlMessage port_open {
.id = static_cast<u32>(port_number),
.event = (u16)ControlEvent::PortOpen,
.value = open
Reported by FlawFinder.
Line: 214
Column: 18
CWE codes:
362
ControlMessage port_open {
.id = static_cast<u32>(port_number),
.event = (u16)ControlEvent::PortOpen,
.value = open
};
write_control_message(port_open);
}
}
Reported by FlawFinder.
Userland/Libraries/LibC/sys/mman.cpp
2 issues
Line: 18
Column: 112
CWE codes:
126
void* serenity_mmap(void* addr, size_t size, int prot, int flags, int fd, off_t offset, size_t alignment, const char* name)
{
Syscall::SC_mmap_params params { (uintptr_t)addr, size, alignment, prot, flags, fd, offset, { name, name ? strlen(name) : 0 } };
ptrdiff_t rc = syscall(SC_mmap, ¶ms);
if (rc < 0 && rc > -EMAXERRNO) {
errno = -rc;
return MAP_FAILED;
}
Reported by FlawFinder.
Line: 66
Column: 67
CWE codes:
126
errno = EFAULT;
return -1;
}
Syscall::SC_set_mmap_name_params params { addr, size, { name, strlen(name) } };
int rc = syscall(SC_set_mmap_name, ¶ms);
__RETURN_WITH_ERRNO(rc, rc, -1);
}
int madvise(void* address, size_t size, int advice)
Reported by FlawFinder.
Kernel/Storage/Partition/DiskPartition.cpp
2 issues
Line: 40
Column: 34
CWE codes:
120
20
request.block_index() + m_metadata.start_block(), request.block_count(), request.buffer(), request.buffer_size()));
}
KResultOr<size_t> DiskPartition::read(FileDescription& fd, u64 offset, UserOrKernelBuffer& outbuf, size_t len)
{
unsigned adjust = m_metadata.start_block() * block_size();
dbgln_if(OFFD_DEBUG, "DiskPartition::read offset={}, adjust={}, len={}", fd.offset(), adjust, len);
return m_device->read(fd, offset + adjust, outbuf, len);
}
Reported by FlawFinder.
Line: 44
Column: 22
CWE codes:
120
20
{
unsigned adjust = m_metadata.start_block() * block_size();
dbgln_if(OFFD_DEBUG, "DiskPartition::read offset={}, adjust={}, len={}", fd.offset(), adjust, len);
return m_device->read(fd, offset + adjust, outbuf, len);
}
bool DiskPartition::can_read(const FileDescription& fd, size_t offset) const
{
unsigned adjust = m_metadata.start_block() * block_size();
Reported by FlawFinder.
Userland/Applications/Piano/KeysWidget.h
2 issues
Line: 16
class TrackManager;
class KeysWidget final : public GUI::Frame {
C_OBJECT(KeysWidget)
public:
virtual ~KeysWidget() override;
int key_code_to_key(int key_code) const;
int mouse_note() const;
Reported by Cppcheck.
Line: 16
class TrackManager;
class KeysWidget final : public GUI::Frame {
C_OBJECT(KeysWidget)
public:
virtual ~KeysWidget() override;
int key_code_to_key(int key_code) const;
int mouse_note() const;
Reported by Cppcheck.
Userland/Applications/Piano/AudioPlayerLoop.h
2 issues
Line: 20
// Wrapper class accepting custom events to advance the track playing and forward audio data to the system.
// This does not run on a separate thread, preventing IPC multithreading madness.
class AudioPlayerLoop : public Core::Object {
C_OBJECT(AudioPlayerLoop)
public:
AudioPlayerLoop(TrackManager& track_manager, bool& need_to_write_wav, Audio::WavWriter& wav_writer);
void enqueue_audio();
Reported by Cppcheck.
Line: 20
// Wrapper class accepting custom events to advance the track playing and forward audio data to the system.
// This does not run on a separate thread, preventing IPC multithreading madness.
class AudioPlayerLoop : public Core::Object {
C_OBJECT(AudioPlayerLoop)
public:
AudioPlayerLoop(TrackManager& track_manager, bool& need_to_write_wav, Audio::WavWriter& wav_writer);
void enqueue_audio();
Reported by Cppcheck.
Userland/Libraries/LibC/sys/stat.h
2 issues
Line: 17
Column: 5
CWE codes:
362
Suggestion:
Use fchmod( ) instead
__BEGIN_DECLS
mode_t umask(mode_t);
int chmod(const char* pathname, mode_t);
int fchmod(int fd, mode_t);
int mkdir(const char* pathname, mode_t);
int mkfifo(const char* pathname, mode_t);
int fstat(int fd, struct stat* statbuf);
int lstat(const char* path, struct stat* statbuf);
Reported by FlawFinder.
Line: 16
Column: 8
CWE codes:
732
__BEGIN_DECLS
mode_t umask(mode_t);
int chmod(const char* pathname, mode_t);
int fchmod(int fd, mode_t);
int mkdir(const char* pathname, mode_t);
int mkfifo(const char* pathname, mode_t);
int fstat(int fd, struct stat* statbuf);
Reported by FlawFinder.