The following issues were found

Kernel/API/POSIX/sys/un.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 19 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
struct sockaddr_un {
    uint16_t sun_family;
    char sun_path[UNIX_PATH_MAX];
};

#ifdef __cplusplus
}
#endif

Reported by FlawFinder.

Kernel/FileSystem/File.cpp
1 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 31 Column: 49 CWE codes: 362 

                  return true;
}

KResultOr<NonnullRefPtr<FileDescription>> File::open(int options)
{
    auto description = FileDescription::create(*this);
    if (!description.is_error()) {
        description.value()->set_rw_mode(options);
        description.value()->set_file_flags(options);

Reported by FlawFinder.

Kernel/API/POSIX/netinet/in.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 48 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  sa_family_t sin_family;
    in_port_t sin_port;
    struct in_addr sin_addr;
    char sin_zero[8];
};

struct ip_mreq {
    struct in_addr imr_multiaddr;
    struct in_addr imr_interface;

Reported by FlawFinder.

Userland/Services/Taskbar/ClockWidget.h
1 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 35 Column: 10 CWE codes: 362 

              
    void tick_clock() { update(); }

    void open();
    void close();

    void position_calendar_window();
    void jump_to_current_date();

Reported by FlawFinder.

Kernel/API/POSIX/net/if_arp.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 21 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  struct sockaddr arp_ha;      /* hardware address */
    struct sockaddr arp_netmask; /* netmask of protocol address */
    int arp_flags;               /* flags */
    char arp_dev[16];
};

#ifdef __cplusplus
}
#endif

Reported by FlawFinder.

Kernel/FileSystem/FIFO.h
1 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 44 Column: 31 CWE codes: 120 20 

              private:
    // ^File
    virtual KResultOr<size_t> write(FileDescription&, u64, const UserOrKernelBuffer&, size_t) override;
    virtual KResultOr<size_t> read(FileDescription&, u64, UserOrKernelBuffer&, size_t) override;
    virtual KResult stat(::stat&) const override;
    virtual bool can_read(const FileDescription&, size_t) const override;
    virtual bool can_write(const FileDescription&, size_t) const override;
    virtual String absolute_path(const FileDescription&) const override;
    virtual StringView class_name() const override { return "FIFO"; }

Reported by FlawFinder.

Kernel/FileSystem/AnonymousFile.h
1 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 30 Column: 31 CWE codes: 120 20 

                  virtual String absolute_path(const FileDescription&) const override { return ":anonymous-file:"; }
    virtual bool can_read(const FileDescription&, size_t) const override { return false; }
    virtual bool can_write(const FileDescription&, size_t) const override { return false; }
    virtual KResultOr<size_t> read(FileDescription&, u64, UserOrKernelBuffer&, size_t) override { return ENOTSUP; }
    virtual KResultOr<size_t> write(FileDescription&, u64, const UserOrKernelBuffer&, size_t) override { return ENOTSUP; }

    explicit AnonymousFile(NonnullRefPtr<Memory::AnonymousVMObject>);

    NonnullRefPtr<Memory::AnonymousVMObject> m_vmobject;

Reported by FlawFinder.

Kernel/API/POSIX/net/if.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 26 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
struct ifreq {
#define IFNAMSIZ 16
    char ifr_name[IFNAMSIZ];
    union {
        struct sockaddr ifru_addr;
        struct sockaddr ifru_dstaddr;
        struct sockaddr ifru_broadaddr;
        struct sockaddr ifru_netmask;

Reported by FlawFinder.

Userland/Services/TelnetServer/main.cpp
1 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 30 Column: 22 CWE codes: 362 

                          exit(1);
        }
        close(ptm_fd);
        int pts_fd = open(tty_name, O_RDWR);
        if (pts_fd < 0) {
            perror("open");
            exit(1);
        }

Reported by FlawFinder.

Kernel/Devices/ZeroDevice.h
1 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 26 Column: 31 CWE codes: 120 20 

              private:
    ZeroDevice();
    // ^CharacterDevice
    virtual KResultOr<size_t> read(FileDescription&, u64, UserOrKernelBuffer&, size_t) override;
    virtual KResultOr<size_t> write(FileDescription&, u64, const UserOrKernelBuffer&, size_t) override;
    virtual bool can_read(const FileDescription&, size_t) const override;
    virtual bool can_write(const FileDescription&, size_t) const override { return true; }
    virtual StringView class_name() const override { return "ZeroDevice"; }
};

Reported by FlawFinder.