The following issues were found
Userland/DevTools/Profiler/Profile.h
10 issues
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Line: 83
CWE codes:
562
}
auto new_child = ProfileNode::create(m_process, move(object_name), move(symbol), address, offset, timestamp, pid);
add_child(new_child);
return new_child;
};
ProfileNode* parent() { return m_parent; }
const ProfileNode* parent() const { return m_parent; }
Reported by Cppcheck.
Kernel/Net/LocalSocket.cpp
10 issues
Line: 434
Column: 22
CWE codes:
362
Suggestion:
Use fchmod( ) instead
}
}
KResult LocalSocket::chmod(FileDescription&, mode_t mode)
{
if (m_file)
return m_file->chmod(mode);
m_prebind_mode = mode & 0777;
Reported by FlawFinder.
Line: 437
Column: 24
CWE codes:
362
Suggestion:
Use fchmod( ) instead
KResult LocalSocket::chmod(FileDescription&, mode_t mode)
{
if (m_file)
return m_file->chmod(mode);
m_prebind_mode = mode & 0777;
return KSuccess;
}
Reported by FlawFinder.
Line: 443
Column: 22
CWE codes:
362
Suggestion:
Use fchown( ) instead
return KSuccess;
}
KResult LocalSocket::chown(FileDescription&, uid_t uid, gid_t gid)
{
if (m_file)
return m_file->chown(uid, gid);
auto& current_process = Process::current();
Reported by FlawFinder.
Line: 446
Column: 24
CWE codes:
362
Suggestion:
Use fchown( ) instead
KResult LocalSocket::chown(FileDescription&, uid_t uid, gid_t gid)
{
if (m_file)
return m_file->chown(uid, gid);
auto& current_process = Process::current();
if (!current_process.is_superuser() && (current_process.euid() != uid || !current_process.in_group(gid)))
return set_so_error(EPERM);
Reported by FlawFinder.
Line: 62
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return description1_result.error();
socket->m_address.sun_family = AF_LOCAL;
memcpy(socket->m_address.sun_path, "[socketpair]", 13);
auto& process = Process::current();
socket->m_acceptor = { process.pid().value(), process.uid(), process.gid() };
socket->set_connected(true);
Reported by FlawFinder.
Line: 112
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void LocalSocket::get_local_address(sockaddr* address, socklen_t* address_size)
{
size_t bytes_to_copy = min(static_cast<size_t>(*address_size), sizeof(sockaddr_un));
memcpy(address, &m_address, bytes_to_copy);
*address_size = sizeof(sockaddr_un);
}
void LocalSocket::get_peer_address(sockaddr* address, socklen_t* address_size)
{
Reported by FlawFinder.
Line: 140
Column: 44
CWE codes:
362
mode_t mode = S_IFSOCK | (m_prebind_mode & 0777);
UidAndGid owner { m_prebind_uid, m_prebind_gid };
auto result = VirtualFileSystem::the().open(path, O_CREAT | O_EXCL | O_NOFOLLOW_NOERROR, mode, Process::current().current_directory(), owner);
if (result.is_error()) {
if (result.error() == EEXIST)
return set_so_error(EADDRINUSE);
return result.error();
}
Reported by FlawFinder.
Line: 175
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return set_so_error(EISCONN);
const auto& local_address = *reinterpret_cast<const sockaddr_un*>(user_address);
char safe_address[sizeof(local_address.sun_path) + 1] = { 0 };
if (!copy_from_user(&safe_address[0], &local_address.sun_path[0], sizeof(safe_address) - 1))
return set_so_error(EFAULT);
safe_address[sizeof(safe_address) - 1] = '\0';
dbgln_if(LOCAL_SOCKET_DEBUG, "LocalSocket({}) connect({})", this, safe_address);
Reported by FlawFinder.
Line: 182
Column: 58
CWE codes:
362
dbgln_if(LOCAL_SOCKET_DEBUG, "LocalSocket({}) connect({})", this, safe_address);
auto description_or_error = VirtualFileSystem::the().open(safe_address, O_RDWR, 0, Process::current().current_directory());
if (description_or_error.is_error())
return set_so_error(ECONNREFUSED);
m_file = move(description_or_error.value());
Reported by FlawFinder.
Line: 352
Column: 42
CWE codes:
120
20
if (!has_attached_peer(description) && socket_buffer->is_empty())
return 0;
VERIFY(!socket_buffer->is_empty());
auto nread_or_error = socket_buffer->read(buffer, buffer_size);
if (!nread_or_error.is_error() && nread_or_error.value() > 0)
Thread::current()->did_unix_socket_read(nread_or_error.value());
return nread_or_error;
}
Reported by FlawFinder.
Meta/lint-ports.py
10 issues
Line: 91
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
props = {}
for prop in PORT_PROPERTIES:
res = subprocess.run(f"cd {port}; exec ./package.sh showproperty {prop}", shell=True, capture_output=True)
if res.returncode == 0:
props[prop] = res.stdout.decode('utf-8').strip()
else:
print((
f'Executing "./package.sh showproperty {prop}" script for port {port} failed with '
Reported by Bandit.
Line: 91
Column: 15
props = {}
for prop in PORT_PROPERTIES:
res = subprocess.run(f"cd {port}; exec ./package.sh showproperty {prop}", shell=True, capture_output=True)
if res.returncode == 0:
props[prop] = res.stdout.decode('utf-8').strip()
else:
print((
f'Executing "./package.sh showproperty {prop}" script for port {port} failed with '
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python3
import os
import re
import sys
import subprocess
# Matches e.g. "| [`bash`](bash/) | GNU Bash | 5.0 | https://www.gnu.org/software/bash/ |"
# and captures "bash" in group 1, "bash/" in group 2, "<spaces>" in group 3, "GNU Bash" in group 4, "5.0" in group 5
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python3
import os
import re
import sys
import subprocess
# Matches e.g. "| [`bash`](bash/) | GNU Bash | 5.0 | https://www.gnu.org/software/bash/ |"
# and captures "bash" in group 1, "bash/" in group 2, "<spaces>" in group 3, "GNU Bash" in group 4, "5.0" in group 5
Reported by Pylint.
Line: 6
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import os
import re
import sys
import subprocess
# Matches e.g. "| [`bash`](bash/) | GNU Bash | 5.0 | https://www.gnu.org/software/bash/ |"
# and captures "bash" in group 1, "bash/" in group 2, "<spaces>" in group 3, "GNU Bash" in group 4, "5.0" in group 5
# and "https://www.gnu.org/software/bash/" in group 6.
PORT_TABLE_REGEX = re.compile(
Reported by Bandit.
Line: 9
Column: 1
import subprocess
# Matches e.g. "| [`bash`](bash/) | GNU Bash | 5.0 | https://www.gnu.org/software/bash/ |"
# and captures "bash" in group 1, "bash/" in group 2, "<spaces>" in group 3, "GNU Bash" in group 4, "5.0" in group 5
# and "https://www.gnu.org/software/bash/" in group 6.
PORT_TABLE_REGEX = re.compile(
r'^\| \[`([^`]+)`\]\(([^\)]+)\)([^\|]+) \| ([^\|]+) \| ([^\|]+?) \| ([^\|]+) \|+$', re.MULTILINE
)
Reported by Pylint.
Line: 40
Column: 33
set: all PORT_TABLE_REGEX matches
"""
ports = {}
with open(filename, 'r') as fp:
matches = PORT_TABLE_REGEX.findall(fp.read())
for match in matches:
line_len = sum([len(part) for part in match])
ports[match[0]] = {
"dir_ref": match[1],
Reported by Pylint.
Line: 91
Column: 1
props = {}
for prop in PORT_PROPERTIES:
res = subprocess.run(f"cd {port}; exec ./package.sh showproperty {prop}", shell=True, capture_output=True)
if res.returncode == 0:
props[prop] = res.stdout.decode('utf-8').strip()
else:
print((
f'Executing "./package.sh showproperty {prop}" script for port {port} failed with '
Reported by Pylint.
Line: 97
Column: 1
else:
print((
f'Executing "./package.sh showproperty {prop}" script for port {port} failed with '
f'exit code {res.returncode}, output from stderr:\n{res.stderr.decode("utf-8").strip()}'
))
props[prop] = ''
return props
Reported by Pylint.
Line: 122
Column: 1
props = get_port_properties(port)
if not props['auth_type'] in ('sha256', 'sig', ''):
print(f"Ports/{port} uses invalid signature algorithm '{props['auth_type']}' for 'auth_type'")
all_good = False
for prop in PORT_PROPERTIES:
if prop == 'auth_type' and re.match('^https://github.com/SerenityOS/', props["files"]):
continue
Reported by Pylint.
Userland/Libraries/LibCore/IODevice.cpp
9 issues
Line: 36
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int IODevice::read(u8* buffer, int length)
{
auto read_buffer = read(length);
memcpy(buffer, read_buffer.data(), length);
return read_buffer.size();
}
ByteBuffer IODevice::read(size_t max_size)
{
Reported by FlawFinder.
Line: 52
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t taken_from_buffered = 0;
if (!m_buffered_data.is_empty()) {
taken_from_buffered = min(remaining_buffer_space, m_buffered_data.size());
memcpy(buffer_ptr, m_buffered_data.data(), taken_from_buffered);
Vector<u8> new_buffered_data;
new_buffered_data.append(m_buffered_data.data() + taken_from_buffered, m_buffered_data.size() - taken_from_buffered);
m_buffered_data = move(new_buffered_data);
remaining_buffer_space -= taken_from_buffered;
buffer_ptr += taken_from_buffered;
Reported by FlawFinder.
Line: 157
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
while (true) {
char read_buffer[4096];
int nread = ::read(m_fd, read_buffer, sizeof(read_buffer));
if (nread < 0) {
set_error(errno);
break;
}
Reported by FlawFinder.
Line: 33
Column: 15
CWE codes:
120
20
return strerror(m_error);
}
int IODevice::read(u8* buffer, int length)
{
auto read_buffer = read(length);
memcpy(buffer, read_buffer.data(), length);
return read_buffer.size();
}
Reported by FlawFinder.
Line: 35
Column: 24
CWE codes:
120
20
int IODevice::read(u8* buffer, int length)
{
auto read_buffer = read(length);
memcpy(buffer, read_buffer.data(), length);
return read_buffer.size();
}
ByteBuffer IODevice::read(size_t max_size)
Reported by FlawFinder.
Line: 61
Column: 19
CWE codes:
120
20
}
if (!remaining_buffer_space)
return buffer;
int nread = ::read(m_fd, buffer_ptr, remaining_buffer_space);
if (nread < 0) {
if (taken_from_buffered) {
buffer.resize(taken_from_buffered);
return buffer;
}
Reported by FlawFinder.
Line: 158
Column: 23
CWE codes:
120
20
while (true) {
char read_buffer[4096];
int nread = ::read(m_fd, read_buffer, sizeof(read_buffer));
if (nread < 0) {
set_error(errno);
break;
}
if (nread == 0) {
Reported by FlawFinder.
Line: 210
Column: 19
CWE codes:
120
20
if (m_fd < 0)
return false;
u8 buffer[1024];
int nread = ::read(m_fd, buffer, sizeof(buffer));
if (nread < 0) {
set_error(errno);
return false;
}
if (nread == 0) {
Reported by FlawFinder.
Userland/Libraries/LibCrypto/ASN1/DER.cpp
9 issues
Line: 294
Column: 38
CWE codes:
120
20
builder.appendff("[{}] {}", type_name(tag.value().type), kind_name(tag.value().kind));
switch (tag.value().kind) {
case Kind::Eol: {
auto value = decoder.read<ReadonlyBytes>();
if (value.is_error()) {
dbgln("EOL PrettyPrint error: {}", value.error());
return;
}
break;
Reported by FlawFinder.
Line: 302
Column: 38
CWE codes:
120
20
break;
}
case Kind::Boolean: {
auto value = decoder.read<bool>();
if (value.is_error()) {
dbgln("Bool PrettyPrint error: {}", value.error());
return;
}
builder.appendff(" {}", value.value());
Reported by FlawFinder.
Line: 311
Column: 38
CWE codes:
120
20
break;
}
case Kind::Integer: {
auto value = decoder.read<ReadonlyBytes>();
if (value.is_error()) {
dbgln("Integer PrettyPrint error: {}", value.error());
return;
}
builder.append(" 0x");
Reported by FlawFinder.
Line: 322
Column: 38
CWE codes:
120
20
break;
}
case Kind::BitString: {
auto value = decoder.read<const BitmapView>();
if (value.is_error()) {
dbgln("BitString PrettyPrint error: {}", value.error());
return;
}
builder.append(" 0b");
Reported by FlawFinder.
Line: 333
Column: 38
CWE codes:
120
20
break;
}
case Kind::OctetString: {
auto value = decoder.read<StringView>();
if (value.is_error()) {
dbgln("OctetString PrettyPrint error: {}", value.error());
return;
}
builder.append(" 0x");
Reported by FlawFinder.
Line: 344
Column: 38
CWE codes:
120
20
break;
}
case Kind::Null: {
auto value = decoder.read<decltype(nullptr)>();
if (value.is_error()) {
dbgln("Bool PrettyPrint error: {}", value.error());
return;
}
break;
Reported by FlawFinder.
Line: 352
Column: 38
CWE codes:
120
20
break;
}
case Kind::ObjectIdentifier: {
auto value = decoder.read<Vector<int>>();
if (value.is_error()) {
dbgln("Identifier PrettyPrint error: {}", value.error());
return;
}
for (auto& id : value.value())
Reported by FlawFinder.
Line: 365
Column: 38
CWE codes:
120
20
case Kind::GeneralizedTime:
case Kind::IA5String:
case Kind::PrintableString: {
auto value = decoder.read<StringView>();
if (value.is_error()) {
dbgln("String PrettyPrint error: {}", value.error());
return;
}
builder.append(' ');
Reported by FlawFinder.
Line: 375
Column: 38
CWE codes:
120
20
break;
}
case Kind::Utf8String: {
auto value = decoder.read<Utf8View>();
if (value.is_error()) {
dbgln("UTF8 PrettyPrint error: {}", value.error());
return;
}
builder.append(' ');
Reported by FlawFinder.
Userland/Libraries/LibCrypto/PK/RSA.cpp
9 issues
Line: 85
ScopeGuard leave { [&] {
auto error = decoder.leave();
if (error.has_value()) {
dbgln_if(RSA_PARSE_DEBUG, "RSA key parse failed: {}", error.value());
has_read_error = true;
}
} };
Reported by Cppcheck.
Line: 92
Column: 35
CWE codes:
120
20
} };
// Now let's read the OID.
auto oid_result = decoder.read<Vector<int>>();
if (oid_result.is_error()) {
dbgln_if(RSA_PARSE_DEBUG, "RSA PKCS#8 public key parse failed: {}", oid_result.error());
return false;
}
Reported by FlawFinder.
Line: 109
Column: 35
CWE codes:
120
20
return true;
};
auto integer_result = decoder.read<UnsignedBigInteger>();
if (!integer_result.is_error()) {
auto first_integer = integer_result.release_value();
// It's either a PKCS#1 key, or a PKCS#8 private key.
Reported by FlawFinder.
Line: 120
Column: 40
CWE codes:
120
20
if (has_read_error)
return keypair;
// Now read the private key, which is actually an octet string containing the PKCS#1 encoded private key.
auto data_result = decoder.read<StringView>();
if (data_result.is_error()) {
dbgln_if(RSA_PARSE_DEBUG, "RSA PKCS#8 private key parse failed: {}", data_result.error());
return keypair;
}
return parse_rsa_key(data_result.value().bytes());
Reported by FlawFinder.
Line: 135
Column: 43
CWE codes:
120
20
// if the first integer is zero or one, it's a private key.
if (first_integer == 0) {
// This is a private key, parse the rest.
auto modulus_result = decoder.read<UnsignedBigInteger>();
if (modulus_result.is_error()) {
dbgln_if(RSA_PARSE_DEBUG, "RSA PKCS#1 private key parse failed: {}", modulus_result.error());
return keypair;
}
auto modulus = modulus_result.release_value();
Reported by FlawFinder.
Line: 142
Column: 51
CWE codes:
120
20
}
auto modulus = modulus_result.release_value();
auto public_exponent_result = decoder.read<UnsignedBigInteger>();
if (public_exponent_result.is_error()) {
dbgln_if(RSA_PARSE_DEBUG, "RSA PKCS#1 private key parse failed: {}", public_exponent_result.error());
return keypair;
}
auto public_exponent = public_exponent_result.release_value();
Reported by FlawFinder.
Line: 149
Column: 52
CWE codes:
120
20
}
auto public_exponent = public_exponent_result.release_value();
auto private_exponent_result = decoder.read<UnsignedBigInteger>();
if (private_exponent_result.is_error()) {
dbgln_if(RSA_PARSE_DEBUG, "RSA PKCS#1 private key parse failed: {}", private_exponent_result.error());
return keypair;
}
auto private_exponent = private_exponent_result.release_value();
Reported by FlawFinder.
Line: 170
Column: 51
CWE codes:
120
20
auto&& modulus = move(first_integer);
// Try reading a public key, `first_integer` is the modulus.
auto public_exponent_result = decoder.read<UnsignedBigInteger>();
if (public_exponent_result.is_error()) {
// Bad public key.
dbgln_if(RSA_PARSE_DEBUG, "RSA PKCS#1 public key parse failed: {}", public_exponent_result.error());
return keypair;
}
Reported by FlawFinder.
Line: 192
Column: 36
CWE codes:
120
20
return keypair;
// Now we have a bit string, which contains the PKCS#1 encoded public key.
auto data_result = decoder.read<BitmapView>();
if (data_result.is_error()) {
dbgln_if(RSA_PARSE_DEBUG, "RSA PKCS#8 public key parse failed: {}", data_result.error());
return keypair;
}
Reported by FlawFinder.
Meta/lint-keymaps.py
9 issues
Line: 1
Column: 1
#!/usr/bin/env python3
import json
import os
import sys
PERMITTED_MAPS = ['map', 'shift_map', 'alt_map', 'altgr_map', 'shift_altgr_map']
REQUIRED_MAPS = ['map', 'shift_map', 'alt_map']
# See Userland/Libraries/LibKeyboard/CharacterMapFile.cpp
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python3
import json
import os
import sys
PERMITTED_MAPS = ['map', 'shift_map', 'alt_map', 'altgr_map', 'shift_altgr_map']
REQUIRED_MAPS = ['map', 'shift_map', 'alt_map']
# See Userland/Libraries/LibKeyboard/CharacterMapFile.cpp
Reported by Pylint.
Line: 46
Column: 12
report(filename, 'no values set in {}'.format(mapname))
all_good = False
for i, c in enumerate(values):
if len(c) > 1:
report(filename, 'more than one character ("{}") for charmap index {} of {}'.format(c, i, mapname))
all_good = False
if len(values) == 0:
Reported by Pylint.
Line: 48
Column: 1
for i, c in enumerate(values):
if len(c) > 1:
report(filename, 'more than one character ("{}") for charmap index {} of {}'.format(c, i, mapname))
all_good = False
if len(values) == 0:
report(filename, 'map {} is empty.'.format(mapname))
all_good = False
Reported by Pylint.
Line: 56
Column: 1
all_good = False
if len(values) not in GOOD_MAP_LENGTHS:
report(filename, 'length {} of map {} is suspicious. Off-by-one?'.format(len(values), mapname))
all_good = False
return all_good
Reported by Pylint.
Line: 91
Column: 1
report(filename, 'map {} is missing'.format(name))
all_good = False
if 'altgr_map' in fullmap and 'alt_map' in fullmap and fullmap['altgr_map'] == fullmap['alt_map']:
report(filename, 'altgr_map is identical to alt_map. Remove altgr_map for the same effect.')
report(filename, '(Or add new characters!)')
all_good = False
if 'shift_altgr_map' in fullmap and 'alt_map' in fullmap and fullmap['shift_altgr_map'] == fullmap['alt_map']:
Reported by Pylint.
Line: 96
Column: 1
report(filename, '(Or add new characters!)')
all_good = False
if 'shift_altgr_map' in fullmap and 'alt_map' in fullmap and fullmap['shift_altgr_map'] == fullmap['alt_map']:
report(filename, 'shift_altgr_map is identical to alt_map. Remove shift_altgr_map for the same effect.')
report(filename, '(Or add new characters!)')
all_good = False
return all_good
Reported by Pylint.
Line: 97
Column: 1
all_good = False
if 'shift_altgr_map' in fullmap and 'alt_map' in fullmap and fullmap['shift_altgr_map'] == fullmap['alt_map']:
report(filename, 'shift_altgr_map is identical to alt_map. Remove shift_altgr_map for the same effect.')
report(filename, '(Or add new characters!)')
all_good = False
return all_good
Reported by Pylint.
Line: 116
Column: 37
passed = 0
for filename in filenames:
with open(filename, 'r') as fp:
fullmap = json.load(fp)
if validate_fullmap(filename, fullmap):
passed += 1
print('{} out of {} keymaps passed.'.format(passed, len(filenames)))
Reported by Pylint.
Userland/Libraries/LibC/wchar.cpp
9 issues
Line: 21
Column: 10
CWE codes:
120
Suggestion:
Consider using a function version that stops copying at the end of the buffer
return len;
}
wchar_t* wcscpy(wchar_t* dest, const wchar_t* src)
{
wchar_t* original_dest = dest;
while ((*dest++ = *src++) != '\0')
;
return original_dest;
Reported by FlawFinder.
Line: 80
Column: 10
CWE codes:
120
return last;
}
wchar_t* wcscat(wchar_t* dest, const wchar_t* src)
{
size_t dest_length = wcslen(dest);
size_t i;
for (i = 0; src[i] != '\0'; i++)
dest[dest_length + i] = src[i];
Reported by FlawFinder.
Line: 13
Column: 8
CWE codes:
126
extern "C" {
size_t wcslen(const wchar_t* str)
{
size_t len = 0;
while (*(str++))
++len;
return len;
Reported by FlawFinder.
Line: 29
Column: 10
CWE codes:
120
return original_dest;
}
wchar_t* wcsncpy(wchar_t* dest, const wchar_t* src, size_t num)
{
wchar_t* original_dest = dest;
while (((*dest++ = *src++) != '\0') && ((size_t)(dest - original_dest) < num))
;
return original_dest;
Reported by FlawFinder.
Line: 82
Column: 26
CWE codes:
126
wchar_t* wcscat(wchar_t* dest, const wchar_t* src)
{
size_t dest_length = wcslen(dest);
size_t i;
for (i = 0; src[i] != '\0'; i++)
dest[dest_length + i] = src[i];
dest[dest_length + i] = '\0';
return dest;
Reported by FlawFinder.
Line: 90
Column: 10
CWE codes:
120
Suggestion:
Consider strcat_s, strlcat, or automatically resizing strings
return dest;
}
wchar_t* wcsncat(wchar_t* dest, const wchar_t* src, size_t n)
{
size_t dest_length = wcslen(dest);
size_t i;
for (i = 0; i < n && src[i] != '\0'; i++)
dest[dest_length + i] = src[i];
Reported by FlawFinder.
Line: 92
Column: 26
CWE codes:
126
wchar_t* wcsncat(wchar_t* dest, const wchar_t* src, size_t n)
{
size_t dest_length = wcslen(dest);
size_t i;
for (i = 0; i < n && src[i] != '\0'; i++)
dest[dest_length + i] = src[i];
dest[dest_length + i] = '\0';
return dest;
Reported by FlawFinder.
Line: 109
Column: 22
CWE codes:
126
size_t token_start = 0;
size_t token_end = 0;
size_t str_len = wcslen(used_str);
size_t delim_len = wcslen(delim);
for (size_t i = 0; i < str_len; ++i) {
bool is_proper_delim = false;
Reported by FlawFinder.
Line: 110
Column: 24
CWE codes:
126
size_t token_start = 0;
size_t token_end = 0;
size_t str_len = wcslen(used_str);
size_t delim_len = wcslen(delim);
for (size_t i = 0; i < str_len; ++i) {
bool is_proper_delim = false;
for (size_t j = 0; j < delim_len; ++j) {
Reported by FlawFinder.
Userland/Libraries/LibCore/FileStream.h
9 issues
Line: 23
Column: 45
CWE codes:
362
{
}
static Result<InputFileStream, OSError> open(StringView filename, OpenMode mode = OpenMode::ReadOnly, mode_t permissions = 0644)
{
VERIFY(has_flag(mode, OpenMode::ReadOnly));
auto file_result = File::open(filename, mode, permissions);
Reported by FlawFinder.
Line: 27
Column: 34
CWE codes:
362
{
VERIFY(has_flag(mode, OpenMode::ReadOnly));
auto file_result = File::open(filename, mode, permissions);
if (file_result.is_error())
return file_result.error();
return InputFileStream { file_result.value() };
Reported by FlawFinder.
Line: 39
Column: 34
CWE codes:
362
{
VERIFY(has_flag(mode, OpenMode::ReadOnly));
auto file_result = File::open(filename, mode, permissions);
if (file_result.is_error())
return file_result.error();
return Buffered<InputFileStream> { file_result.value() };
Reported by FlawFinder.
Line: 92
Column: 46
CWE codes:
362
{
}
static Result<OutputFileStream, OSError> open(StringView filename, OpenMode mode = OpenMode::WriteOnly, mode_t permissions = 0644)
{
VERIFY(has_flag(mode, OpenMode::WriteOnly));
auto file_result = File::open(filename, mode, permissions);
Reported by FlawFinder.
Line: 96
Column: 34
CWE codes:
362
{
VERIFY(has_flag(mode, OpenMode::WriteOnly));
auto file_result = File::open(filename, mode, permissions);
if (file_result.is_error())
return file_result.error();
return OutputFileStream { file_result.value() };
Reported by FlawFinder.
Line: 108
Column: 34
CWE codes:
362
{
VERIFY(has_flag(mode, OpenMode::WriteOnly));
auto file_result = File::open(filename, mode, permissions);
if (file_result.is_error())
return file_result.error();
return Buffered<OutputFileStream> { file_result.value() };
Reported by FlawFinder.
Line: 47
Column: 12
CWE codes:
120
20
return Buffered<InputFileStream> { file_result.value() };
}
size_t read(Bytes bytes) override
{
if (has_any_error())
return 0;
const auto buffer = m_file->read(bytes.size());
Reported by FlawFinder.
Line: 52
Column: 37
CWE codes:
120
20
if (has_any_error())
return 0;
const auto buffer = m_file->read(bytes.size());
return buffer.bytes().copy_to(bytes);
}
bool read_or_error(Bytes bytes) override
{
Reported by FlawFinder.
Tests/LibC/accuracy-strtod.cpp
9 issues
Line: 243
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
double as_double;
long long as_ll;
};
typedef char assert_double_8bytes[sizeof(double) == 8 ? 1 : -1];
[[maybe_unused]] auto double_size = sizeof(assert_double_8bytes);
typedef char assert_ll_8bytes[sizeof(long long) == 8 ? 1 : -1];
[[maybe_unused]] auto longlong_size = sizeof(assert_ll_8bytes);
typedef char assert_readable_8bytes[sizeof(readable_t) == 8 ? 1 : -1];
[[maybe_unused]] auto readable8_size = sizeof(assert_readable_8bytes);
Reported by FlawFinder.
Line: 245
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
typedef char assert_double_8bytes[sizeof(double) == 8 ? 1 : -1];
[[maybe_unused]] auto double_size = sizeof(assert_double_8bytes);
typedef char assert_ll_8bytes[sizeof(long long) == 8 ? 1 : -1];
[[maybe_unused]] auto longlong_size = sizeof(assert_ll_8bytes);
typedef char assert_readable_8bytes[sizeof(readable_t) == 8 ? 1 : -1];
[[maybe_unused]] auto readable8_size = sizeof(assert_readable_8bytes);
readable_t readable;
readable.as_double = d;
Reported by FlawFinder.
Line: 247
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
[[maybe_unused]] auto double_size = sizeof(assert_double_8bytes);
typedef char assert_ll_8bytes[sizeof(long long) == 8 ? 1 : -1];
[[maybe_unused]] auto longlong_size = sizeof(assert_ll_8bytes);
typedef char assert_readable_8bytes[sizeof(readable_t) == 8 ? 1 : -1];
[[maybe_unused]] auto readable8_size = sizeof(assert_readable_8bytes);
readable_t readable;
readable.as_double = d;
return readable.as_ll;
}
Reported by FlawFinder.
Line: 258
Column: 18
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
union readable_t {
double as_double;
unsigned char as_bytes[8];
};
typedef char assert_double_8bytes[sizeof(double) == 8 ? 1 : -1];
[[maybe_unused]] auto double_size = sizeof(assert_double_8bytes);
typedef char assert_readable_8bytes[sizeof(readable_t) == 8 ? 1 : -1];
[[maybe_unused]] auto readable8_size = sizeof(assert_readable_8bytes);
Reported by FlawFinder.
Line: 260
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
double as_double;
unsigned char as_bytes[8];
};
typedef char assert_double_8bytes[sizeof(double) == 8 ? 1 : -1];
[[maybe_unused]] auto double_size = sizeof(assert_double_8bytes);
typedef char assert_readable_8bytes[sizeof(readable_t) == 8 ? 1 : -1];
[[maybe_unused]] auto readable8_size = sizeof(assert_readable_8bytes);
readable_t readable;
char* endptr = (char*)0x123;
Reported by FlawFinder.
Line: 262
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
typedef char assert_double_8bytes[sizeof(double) == 8 ? 1 : -1];
[[maybe_unused]] auto double_size = sizeof(assert_double_8bytes);
typedef char assert_readable_8bytes[sizeof(readable_t) == 8 ? 1 : -1];
[[maybe_unused]] auto readable8_size = sizeof(assert_readable_8bytes);
readable_t readable;
char* endptr = (char*)0x123;
readable.as_double = strtod_fn(test_string, &endptr);
Reported by FlawFinder.
Line: 269
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
readable.as_double = strtod_fn(test_string, &endptr);
char actual_hex[16 + 1] = { 0 };
for (size_t i = 0; i < 8; ++i) {
// Little endian, need to reverse order.
snprintf(&actual_hex[2 * i], 3, "%02x", readable.as_bytes[8 - 1 - i]);
}
Reported by FlawFinder.
Line: 281
Column: 48
CWE codes:
126
if (endptr < test_string) {
actual_consume = 999;
} else {
const char* max_endptr = test_string + strlen(test_string);
actual_consume_possible = endptr <= max_endptr;
actual_consume = endptr - test_string;
}
long long actual_ll = cast_ll(readable.as_double);
Reported by FlawFinder.
Line: 337
Column: 33
CWE codes:
126
for (size_t i = 0; i < NUM_TESTCASES; i++) {
Testcase& tc = TESTCASES[i];
if (tc.should_consume == -1) {
tc.should_consume = strlen(tc.test_string);
}
printf("%3zu(%-5s):", i, tc.test_name);
printf(" %s(%2d)", tc.hex, tc.should_consume);
long long expect_ll = hex_to_ll(tc.hex);
Reported by FlawFinder.