The following issues were found

Userland/Applications/MailSettings/MailSettingsWindow.h
2 issues
There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 13 

              #include <LibGUI/Window.h>

class MailSettingsWindow final : public GUI::Window {
    C_OBJECT(MailSettingsWindow)

private:
    MailSettingsWindow();

    void reset_default_values();

Reported by Cppcheck.

There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 13 

              #include <LibGUI/Window.h>

class MailSettingsWindow final : public GUI::Window {
    C_OBJECT(MailSettingsWindow)

private:
    MailSettingsWindow();

    void reset_default_values();

Reported by Cppcheck.

Userland/Libraries/LibC/syslog.cpp
2 issues
syslog - If syslog's format strings can be influenced by an attacker, they can be exploited
Security

Line: 103 Column: 6 CWE codes: 134
Suggestion: Use a constant format string for syslog 

                  va_end(ap);
}

void syslog(int priority, const char* message, ...)
{
    va_list ap;
    va_start(ap, message);
    vsyslog_r(priority, &global_log_data, message, ap);
    va_end(ap);

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 34 Column: 8 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
// Used when ident is null, since syslog traditionally prints the program's
// own name; the process name will always be the same unless we exec.
static char program_name_buffer[256];
static bool program_name_set = false;

// Convenience function for initialization and checking what string to use
// for the program name.
static const char* get_syslog_ident(struct syslog_data* data)

Reported by FlawFinder.

Userland/Applications/Mail/MailWidget.cpp
2 issues
syntax error: { . sequence_set
Error

Line: 446 

                  }

    fetch_command = IMAP::FetchCommand {
        .sequence_set { { id_of_email_to_load, id_of_email_to_load } },
        .data_items = {
            IMAP::FetchCommand::DataItem {
                .type = IMAP::FetchCommand::DataItemType::BodySection,
                .section = IMAP::FetchCommand::DataItem::Section {
                    .type = IMAP::FetchCommand::DataItem::SectionType::Parts,

Reported by Cppcheck.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 41 Column: 33 CWE codes: 362 

                  };

    m_web_view->on_link_click = [this](auto& url, auto&, unsigned) {
        if (!Desktop::Launcher::open(url)) {
            GUI::MessageBox::show(
                window(),
                String::formatted("The link to '{}' could not be opened.", url),
                "Failed to open link",
                GUI::MessageBox::Type::Error);

Reported by FlawFinder.

Userland/Applications/ImageViewer/main.cpp
2 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 106 Column: 32 CWE codes: 362 

                      widget.load_from_file(urls.first().path());

        for (size_t i = 1; i < urls.size(); ++i) {
            Desktop::Launcher::open(URL::create_with_file_protocol(urls[i].path().characters()), "/bin/ImageViewer");
        }
    };
    widget.on_doubleclick = [&] {
        window->set_fullscreen(!window->is_fullscreen());
        toolbar_container.set_visible(!window->is_fullscreen());

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 298 Column: 28 CWE codes: 362 

              
    auto& help_menu = window->add_menu("&Help");
    help_menu.add_action(GUI::CommonActions::make_help_action([](auto&) {
        Desktop::Launcher::open(URL::create_with_file_protocol("/usr/share/man/man1/ImageViewer.md"), "/bin/Help");
    }));
    help_menu.add_action(GUI::CommonActions::make_about_action("Image Viewer", app_icon, window));

    if (path != nullptr) {
        widget.load_from_file(path);

Reported by FlawFinder.

Userland/Applications/ImageViewer/ViewWidget.h
2 issues
There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 18 

              namespace ImageViewer {

class ViewWidget final : public GUI::Frame {
    C_OBJECT(ViewWidget)
public:
    enum Directions {
        First,
        Back,
        Forward,

Reported by Cppcheck.

There is an unknown macro here somewhere. Configuration is required. If C_OBJECT is a macro then please configure it.
Error

Line: 18 

              namespace ImageViewer {

class ViewWidget final : public GUI::Frame {
    C_OBJECT(ViewWidget)
public:
    enum Directions {
        First,
        Back,
        Forward,

Reported by Cppcheck.

Kernel/DoubleBuffer.cpp
2 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 60 Column: 15 CWE codes: 120 20 

                  MutexLocker locker(m_lock);
    size_t bytes_to_write = min(size, m_space_for_writing);
    u8* write_ptr = m_write_buffer->data + m_write_buffer->size;
    if (!data.read(write_ptr, bytes_to_write))
        return EFAULT;
    m_write_buffer->size += bytes_to_write;
    compute_lockfree_metadata();
    if (m_unblock_callback && !m_empty)
        m_unblock_callback();

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 69 Column: 33 CWE codes: 120 20 

                  return bytes_to_write;
}

KResultOr<size_t> DoubleBuffer::read(UserOrKernelBuffer& data, size_t size)
{
    if (!size || m_storage->is_null())
        return 0;
    MutexLocker locker(m_lock);
    if (m_read_buffer_index >= m_read_buffer->size && m_write_buffer->size != 0)

Reported by FlawFinder.

Userland/Libraries/LibC/sys/mman.cpp
2 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 18 Column: 112 CWE codes: 126 

              
void* serenity_mmap(void* addr, size_t size, int prot, int flags, int fd, off_t offset, size_t alignment, const char* name)
{
    Syscall::SC_mmap_params params { (uintptr_t)addr, size, alignment, prot, flags, fd, offset, { name, name ? strlen(name) : 0 } };
    ptrdiff_t rc = syscall(SC_mmap, &params);
    if (rc < 0 && rc > -EMAXERRNO) {
        errno = -rc;
        return MAP_FAILED;
    }

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 66 Column: 67 CWE codes: 126 

                      errno = EFAULT;
        return -1;
    }
    Syscall::SC_set_mmap_name_params params { addr, size, { name, strlen(name) } };
    int rc = syscall(SC_set_mmap_name, &params);
    __RETURN_WITH_ERRNO(rc, rc, -1);
}

int madvise(void* address, size_t size, int advice)

Reported by FlawFinder.

Userland/Libraries/LibC/sys/stat.h
2 issues
chmod - This accepts filename arguments; if an attacker can move those files, a race condition results.
Security

Line: 17 Column: 5 CWE codes: 362
Suggestion: Use fchmod( ) instead 

              __BEGIN_DECLS

mode_t umask(mode_t);
int chmod(const char* pathname, mode_t);
int fchmod(int fd, mode_t);
int mkdir(const char* pathname, mode_t);
int mkfifo(const char* pathname, mode_t);
int fstat(int fd, struct stat* statbuf);
int lstat(const char* path, struct stat* statbuf);

Reported by FlawFinder.

umask - Ensure that umask is given most restrictive possible setting (e.g., 066 or 077)
Security

Line: 16 Column: 8 CWE codes: 732 

              
__BEGIN_DECLS

mode_t umask(mode_t);
int chmod(const char* pathname, mode_t);
int fchmod(int fd, mode_t);
int mkdir(const char* pathname, mode_t);
int mkfifo(const char* pathname, mode_t);
int fstat(int fd, struct stat* statbuf);

Reported by FlawFinder.

Userland/Applications/HexEditor/GoToOffsetDialog.cpp
2 issues
Uninitialized variable: offset
Error

Line: 59 CWE codes: 908 

                  } else {
        VERIFY_NOT_REACHED();
    }
    return offset;
}

int GoToOffsetDialog::calculate_new_offset(int input_offset)
{
    int new_offset;

Reported by Cppcheck.

Uninitialized variable: new_offset
Error

Line: 76 CWE codes: 908 

                      VERIFY_NOT_REACHED();
    }

    if (new_offset > m_buffer_size)
        new_offset = m_buffer_size;
    if (new_offset < 0)
        new_offset = 0;

    return new_offset;

Reported by Cppcheck.

Userland/Libraries/LibC/shadow.cpp
2 issues
fopen - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 33 Column: 20 CWE codes: 362 

                  if (s_stream) {
        rewind(s_stream);
    } else {
        s_stream = fopen("/etc/shadow", "r");
        if (!s_stream) {
            dbgln("open /etc/shadow failed: {}", strerror(errno));
        }
    }
}

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 164 Column: 9 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                          return nullptr;
        }

        char buffer[1024];
        ++s_line_number;
        char* s = fgets(buffer, sizeof(buffer), s_stream);

        // Silently tolerate an empty line at the end.
        if ((!s || !s[0]) && feof(s_stream))

Reported by FlawFinder.