The following issues were found
Userland/Utilities/netstat.cpp
2 issues
Line: 153
Column: 20
CWE codes:
362
if (!has_protocol_flag || flag_tcp) {
auto file = Core::File::construct("/proc/net/tcp");
if (!file->open(Core::OpenMode::ReadOnly)) {
warnln("Error: {}", file->error_string());
return 1;
}
auto file_contents = file->read_all();
Reported by FlawFinder.
Line: 207
Column: 20
CWE codes:
362
if (!has_protocol_flag || flag_udp) {
auto file = Core::File::construct("/proc/net/udp");
if (!file->open(Core::OpenMode::ReadOnly)) {
warnln("Error: {}", file->error_string());
return 1;
}
auto file_contents = file->read_all();
Reported by FlawFinder.
Userland/Utilities/nl.cpp
2 issues
Line: 62
Column: 34
CWE codes:
362
Vector<FILE*> file_pointers;
if (!files.is_empty()) {
for (auto& file : files) {
FILE* file_pointer = fopen(file, "r");
if (!file_pointer) {
warnln("Failed to open {}: {}", file, strerror(errno));
continue;
}
file_pointers.append(file_pointer);
Reported by FlawFinder.
Line: 77
Column: 34
CWE codes:
120
20
int line_number = start_number - increment; // so the line number can start at 1 when added below
int previous_character = 0;
int next_character = 0;
while ((next_character = fgetc(file_pointer)) != EOF) {
if (previous_character == 0 || previous_character == '\n') {
if (next_character == '\n' && number_style != NumberAllLines) {
// Skip printing line count on empty lines.
outln();
continue;
Reported by FlawFinder.
Userland/Utilities/ntpquery.cpp
2 issues
Line: 79
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static String format_ntp_timestamp(NtpTimestamp ntp_timestamp)
{
char buffer[28]; // YYYY-MM-DDTHH:MM:SS.UUUUUUZ is 27 characters long.
timeval t = timeval_from_ntp_timestamp(ntp_timestamp);
struct tm tm;
gmtime_r(&t.tv_sec, &tm);
size_t written = strftime(buffer, sizeof(buffer), "%Y-%m-%dT%T.", &tm);
VERIFY(written == 20);
Reported by FlawFinder.
Line: 200
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
iovec iov { &packet, sizeof(packet) };
char control_message_buffer[CMSG_SPACE(sizeof(timeval))];
msghdr msg = { &peer_address, sizeof(peer_address), &iov, 1, control_message_buffer, sizeof(control_message_buffer), 0 };
rc = recvmsg(fd, &msg, 0);
if (rc < 0) {
perror("recvmsg");
return 1;
Reported by FlawFinder.
Userland/Utilities/seq.cpp
2 issues
Line: 97
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int n = (end - start) / step;
double d = start;
for (int i = 0; i <= n; ++i) {
char buf[40];
snprintf(buf, sizeof(buf), "%f", d);
if (char* dot = strchr(buf, '.')) {
if (number_of_decimals == 0)
*dot = '\0';
else if ((dot - buf) + 1 + number_of_decimals < (int)sizeof(buf))
Reported by FlawFinder.
Line: 37
Column: 31
CWE codes:
126
exit(1);
}
if (const char* dot = strchr(d_string, '.'))
*number_of_decimals = strlen(dot + 1);
else
*number_of_decimals = 0;
return d;
}
Reported by FlawFinder.
Userland/Utilities/strace.cpp
2 issues
Line: 88
Column: 22
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
perror("traceme");
return 1;
}
int rc = execvp(child_argv.first(), const_cast<char**>(child_argv.data()));
if (rc < 0) {
perror("execvp");
exit(1);
}
VERIFY_NOT_REACHED();
Reported by FlawFinder.
Line: 56
Column: 40
CWE codes:
362
parser.parse(argc, argv);
if (output_filename != nullptr) {
auto open_result = Core::File::open(output_filename, Core::OpenMode::WriteOnly);
if (open_result.is_error()) {
outln(stderr, "Failed to open output file: {}", open_result.error());
return 1;
}
trace_file = open_result.value();
Reported by FlawFinder.
Userland/Utilities/stty.cpp
2 issues
Line: 555
Column: 37
CWE codes:
120
20
Suggestion:
Check implementation on installation, or limit the size of all string inputs
opterr = 0; // We handle unknown flags gracefully by starting to parse the arguments in `apply_modes`.
int optc;
bool should_quit = false;
while (!should_quit && ((optc = getopt_long(argc, argv, "-agF:", long_options, nullptr)) != -1)) {
switch (optc) {
case 'a':
all_settings = true;
break;
case 'g':
Reported by FlawFinder.
Line: 583
Column: 28
CWE codes:
362
int terminal_fd = STDIN_FILENO;
if (!device_file.is_empty()) {
if ((terminal_fd = open(device_file.characters(), O_RDONLY, 0)) < 0) {
perror("open");
exit(1);
}
}
Reported by FlawFinder.
Userland/Utilities/sysctl.cpp
2 issues
Line: 21
Column: 13
CWE codes:
362
builder.append(name);
auto path = builder.to_string();
auto f = Core::File::construct(path);
if (!f->open(Core::OpenMode::ReadOnly)) {
warnln("Failed to open {}: {}", f->name(), f->error_string());
exit(1);
}
const auto& b = f->read_all();
if (f->error() < 0) {
Reported by FlawFinder.
Line: 40
Column: 13
CWE codes:
362
builder.append(name);
auto path = builder.to_string();
auto f = Core::File::construct(path);
if (!f->open(Core::OpenMode::WriteOnly)) {
warnln("Failed to open: {}", f->error_string());
exit(1);
}
f->write(value);
if (f->error() < 0) {
Reported by FlawFinder.
Userland/Utilities/tr.cpp
2 issues
Line: 132
Column: 23
CWE codes:
120
20
auto to_str = build_set(to_chars);
for (;;) {
char ch = fgetc(stdin);
if (feof(stdin))
break;
auto match = from_str.find_last(ch);
if (match.has_value())
putchar(to_str[min(match.value(), to_str.length() - 1)]);
Reported by FlawFinder.
Kernel/CMOS.h
1 issues
Userland/Utilities/kcov-example.cpp
1 issues
Line: 21
Column: 14
CWE codes:
362
{
constexpr size_t num_entries = 1024 * 100;
int fd = open("/dev/kcov", O_RDWR);
if (fd == -1) {
perror("open");
return 1;
}
if (ioctl(fd, KCOV_SETBUFSIZE, num_entries) == -1) {
Reported by FlawFinder.