The following issues were found
Kernel/Syscalls/readlink.cpp
1 issues
Line: 26
Column: 44
CWE codes:
362
if (path.is_error())
return path.error();
auto result = VirtualFileSystem::the().open(path.value()->view(), O_RDONLY | O_NOFOLLOW_NOERROR, 0, current_directory());
if (result.is_error())
return result.error();
auto description = result.value();
if (!description->metadata().is_symlink())
Reported by FlawFinder.
Kernel/Syscalls/pledge.cpp
1 issues
Line: 46
mask |= (1u << (u32)Pledge::x); \
continue; \
}
ENUMERATE_PLEDGE_PROMISES
#undef __ENUMERATE_PLEDGE_PROMISE
return false;
}
return true;
};
Reported by Cppcheck.
Userland/Utilities/wasm.cpp
1 issues
Line: 246
Column: 31
CWE codes:
362
static Optional<Wasm::Module> parse(StringView const& filename)
{
auto result = Core::File::open(filename, Core::OpenMode::ReadOnly);
if (result.is_error()) {
warnln("Failed to open {}: {}", filename, result.error());
return {};
}
Reported by FlawFinder.
Userland/Utilities/open.cpp
1 issues
Line: 30
Column: 33
CWE codes:
362
auto path = Core::File::real_path_for(url_or_path);
auto url = URL::create_with_url_or_path(path.is_null() ? url_or_path : path);
if (!Desktop::Launcher::open(url)) {
warnln("Failed to open '{}'", url);
all_ok = false;
}
}
Reported by FlawFinder.
Userland/Libraries/LibGfx/PGMLoader.cpp
1 issues
Line: 82
Column: 25
CWE codes:
120
20
}
} else if (context.type == PGMLoadingContext::RAWBITS) {
u8 pixel;
while (streamer.read(pixel)) {
color_data.append({ pixel, pixel, pixel });
}
}
size_t context_size = (u32)context.width * (u32)context.height;
Reported by FlawFinder.
Kernel/Syscalls/mknod.cpp
1 issues
Line: 25
Column: 80
CWE codes:
732
auto path = get_syscall_path_argument(params.path);
if (path.is_error())
return path.error();
return VirtualFileSystem::the().mknod(path.value()->view(), params.mode & ~umask(), params.dev, current_directory());
}
}
Reported by FlawFinder.
Userland/Utilities/paste.cpp
1 issues
Line: 36
Column: 9
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
close(pipefd[0]);
close(pipefd[1]);
setenv("CLIPBOARD_STATE", state, true);
execvp(command[0], const_cast<char**>(command.data()));
perror("exec");
exit(1);
}
// We're the parent.
Reported by FlawFinder.
Kernel/Syscalls/mkdir.cpp
1 issues
Line: 20
Column: 73
CWE codes:
732
auto path = get_syscall_path_argument(user_path, path_length);
if (path.is_error())
return path.error();
return VirtualFileSystem::the().mkdir(path.value()->view(), mode & ~umask(), current_directory());
}
}
Reported by FlawFinder.
Userland/Utilities/ping.cpp
1 issues
Line: 202
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
else if (ms > max_ms)
max_ms = ms;
char addr_buf[INET_ADDRSTRLEN];
outln("Pong from {}: id={}, seq={}{}, time={}ms, size={}",
inet_ntop(AF_INET, &peer_address.sin_addr, addr_buf, sizeof(addr_buf)),
ntohs(pong_hdr->un.echo.id),
ntohs(pong_hdr->un.echo.sequence),
pong_hdr->un.echo.sequence != ping_hdr->un.echo.sequence ? "(!)" : "",
Reported by FlawFinder.
Kernel/Syscalls/fork.cpp
1 issues
Line: 40
Column: 62
CWE codes:
732
child->m_protected_values.has_execpromises = m_protected_values.has_execpromises.load();
child->m_protected_values.sid = m_protected_values.sid;
child->m_protected_values.extra_gids = m_protected_values.extra_gids;
child->m_protected_values.umask = m_protected_values.umask;
child->m_protected_values.signal_trampoline = m_protected_values.signal_trampoline;
child->m_protected_values.dumpable = m_protected_values.dumpable;
}
dbgln_if(FORK_DEBUG, "fork: child={}", child);
Reported by FlawFinder.