Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/kdiff3-1.8.4/test/alignmenttest.cpp Examining data/kdiff3-1.8.4/test/fakeprogressproxy.cpp Examining data/kdiff3-1.8.4/test/fakefileaccess.cpp Examining data/kdiff3-1.8.4/test/fakekdiff3_part.cpp Examining data/kdiff3-1.8.4/src/optiondialog.cpp Examining data/kdiff3-1.8.4/src/Overview.cpp Examining data/kdiff3-1.8.4/src/PixMapUtils.h Examining data/kdiff3-1.8.4/src/Utils.cpp Examining data/kdiff3-1.8.4/src/selection.h Examining data/kdiff3-1.8.4/src/SourceData.h Examining data/kdiff3-1.8.4/src/gnudiff_diff.h Examining data/kdiff3-1.8.4/src/common.cpp Examining data/kdiff3-1.8.4/src/Overview.h Examining data/kdiff3-1.8.4/src/gnudiff_io.cpp Examining data/kdiff3-1.8.4/src/merger.h Examining data/kdiff3-1.8.4/src/kdiff3_shell.cpp Examining data/kdiff3-1.8.4/src/smalldialogs.cpp Examining data/kdiff3-1.8.4/src/Utils.h Examining data/kdiff3-1.8.4/src/Logging.h Examining data/kdiff3-1.8.4/src/FileNameLineEdit.cpp Examining data/kdiff3-1.8.4/src/Logging.cpp Examining data/kdiff3-1.8.4/src/guiutils.h Examining data/kdiff3-1.8.4/src/pdiff.cpp Examining data/kdiff3-1.8.4/src/optiondialog.h Examining data/kdiff3-1.8.4/src/directorymergewindow.cpp Examining data/kdiff3-1.8.4/src/kdiff3_part.h Examining data/kdiff3-1.8.4/src/merger.cpp Examining data/kdiff3-1.8.4/src/FileNameLineEdit.h Examining data/kdiff3-1.8.4/src/kdiff3_part.cpp Examining data/kdiff3-1.8.4/src/fileaccess.h Examining data/kdiff3-1.8.4/src/progress.cpp Examining data/kdiff3-1.8.4/src/kdiff3.h Examining data/kdiff3-1.8.4/src/PixMapUtils.cpp Examining data/kdiff3-1.8.4/src/mergeresultwindow.h Examining data/kdiff3-1.8.4/src/diff.cpp Examining data/kdiff3-1.8.4/src/main.cpp Examining data/kdiff3-1.8.4/src/gnudiff_analyze.cpp Examining data/kdiff3-1.8.4/src/selection.cpp Examining data/kdiff3-1.8.4/src/directorymergewindow.h Examining data/kdiff3-1.8.4/src/ProgressProxyExtender.cpp Examining data/kdiff3-1.8.4/src/OptionItems.h Examining data/kdiff3-1.8.4/src/RLPainter.h Examining data/kdiff3-1.8.4/src/kdiff3_shell.h Examining data/kdiff3-1.8.4/src/MergeFileInfos.cpp Examining data/kdiff3-1.8.4/src/diff.h Examining data/kdiff3-1.8.4/src/kdiff3.cpp Examining data/kdiff3-1.8.4/src/mergeresultwindow.cpp Examining data/kdiff3-1.8.4/src/options.h Examining data/kdiff3-1.8.4/src/DirectoryInfo.h Examining data/kdiff3-1.8.4/src/gnudiff_xmalloc.cpp Examining data/kdiff3-1.8.4/src/ConfigValueMap.h Examining data/kdiff3-1.8.4/src/fileaccess.cpp Examining data/kdiff3-1.8.4/src/cvsignorelist.cpp Examining data/kdiff3-1.8.4/src/progress.h Examining data/kdiff3-1.8.4/src/smalldialogs.h Examining data/kdiff3-1.8.4/src/SourceData.cpp Examining data/kdiff3-1.8.4/src/ProgressProxyExtender.h Examining data/kdiff3-1.8.4/src/MergeFileInfos.h Examining data/kdiff3-1.8.4/src/difftextwindow.cpp Examining data/kdiff3-1.8.4/src/cvsignorelist.h Examining data/kdiff3-1.8.4/src/common.h Examining data/kdiff3-1.8.4/src/difftextwindow.h Examining data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.h Examining data/kdiff3-1.8.4/diff_ext_for_kdiff3/diff_ext.cpp Examining data/kdiff3-1.8.4/diff_ext_for_kdiff3/diff_ext.h Examining data/kdiff3-1.8.4/diff_ext_for_kdiff3/class_factory.h Examining data/kdiff3-1.8.4/diff_ext_for_kdiff3/class_factory.cpp Examining data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp Examining data/kdiff3-1.8.4/kdiff3fileitemactionplugin/kdiff3fileitemaction.h Examining data/kdiff3-1.8.4/kdiff3fileitemactionplugin/kdiff3fileitemaction.cpp FINAL RESULTS: data/kdiff3-1.8.4/src/fileaccess.cpp:168:23: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. ssize_t len = readlink(QFile::encodeName(absoluteFilePath()).constData(), s, PATH_MAX); data/kdiff3-1.8.4/diff_ext_for_kdiff3/diff_ext.cpp:335:10: [4] (format) _sntprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _sntprintf(verb, 79, TEXT("Command id: %d"), LOWORD(ici->lpVerb)); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:181:10: [4] (format) _ftprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. _ftprintf( m_pLogFile, TEXT("\nSERVER::SERVER()\n") ); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:190:7: [4] (format) _ftprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. _ftprintf( m_pLogFile, TEXT("SERVER::~SERVER()\n\n") ); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:223:7: [4] (format) _ftprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. _ftprintf( pServer->m_pLogFile, TEXT("%04d/%02d/%02d %02d:%02d:%02d ") data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:246:7: [4] (format) _sntprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _sntprintf( numAsString, 10, TEXT("%d"), i ); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:273:13: [4] (format) _sntprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _sntprintf( numAsString, 10, TEXT("%d"), n ); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:287:13: [4] (format) _sntprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _sntprintf( numAsString, 10, TEXT("%d"), n ); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:327:7: [4] (format) _sntprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _sntprintf(subkey, MAX_PATH, entry[i].subkey, class_id); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:333:9: [4] (format) _sntprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. _sntprintf(szData, MAX_PATH, entry[i].value, server_path); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:359:10: [4] (buffer) lstrcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using a function version that stops copying at the end of the buffer. lstrcpy(szData, TEXT("diff-ext")); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:403:7: [4] (format) _stprintf: Potential format string problem (CWE-134). Make format string constant. _stprintf(subkey, entry[i].subkey, class_id); data/kdiff3-1.8.4/diff_ext_for_kdiff3/diff_ext.cpp:98:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR tmp[MAX_PATH]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/diff_ext.cpp:334:10: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR verb[80]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:245:7: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR numAsString[10]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:272:13: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR numAsString[10]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:286:13: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR numAsString[10]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:303:3: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR class_id[MAX_PATH]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:312:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR subkey[MAX_PATH]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:313:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR server_path[MAX_PATH]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:331:9: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szData[MAX_PATH]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:357:10: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szData[MAX_PATH]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:385:3: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR class_id[MAX_PATH]; data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:395:5: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR subkey[MAX_PATH]; data/kdiff3-1.8.4/src/SourceData.cpp:319:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pBuf, src.m_pBuf, m_size); data/kdiff3-1.8.4/src/SourceData.cpp:325:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(f.open(QIODevice::ReadOnly)) data/kdiff3-1.8.4/src/SourceData.cpp:327:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[200]; data/kdiff3-1.8.4/src/SourceData.cpp:847:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(!in.open(QIODevice::ReadOnly)) data/kdiff3-1.8.4/src/SourceData.cpp:854:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(!out.open(QIODevice::WriteOnly)) data/kdiff3-1.8.4/src/cvsignorelist.cpp:83:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(file.open(QIODevice::ReadOnly)) data/kdiff3-1.8.4/src/directorymergewindow.cpp:738:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(!fi1.open(QIODevice::ReadOnly)) data/kdiff3-1.8.4/src/directorymergewindow.cpp:744:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(!fi2.open(QIODevice::ReadOnly)) data/kdiff3-1.8.4/src/directorymergewindow.cpp:3256:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool bSuccess = file.open(QIODevice::WriteOnly); data/kdiff3-1.8.4/src/fileaccess.cpp:505:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(open(QIODevice::ReadOnly))//krazy:exclude=syscalls data/kdiff3-1.8.4/src/fileaccess.cpp:527:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(realFile->open(QIODevice::WriteOnly)) data/kdiff3-1.8.4/src/fileaccess.cpp:620:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool FileAccess::open(const QFile::OpenMode flags) data/kdiff3-1.8.4/src/fileaccess.cpp:632:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool r = realFile->open(flags); data/kdiff3-1.8.4/src/fileaccess.cpp:638:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool r = tmpFile->open(); data/kdiff3-1.8.4/src/fileaccess.cpp:689:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tmpFile->open(); data/kdiff3-1.8.4/src/fileaccess.cpp:699:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tmpFile.open(); data/kdiff3-1.8.4/src/fileaccess.cpp:925:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ::memcpy(m_pTransferBuffer + m_transferredBytes, newData.data(), newData.size()); data/kdiff3-1.8.4/src/fileaccess.cpp:975:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. ::memcpy(data.data(), m_pTransferBuffer + m_transferredBytes, data.size()); data/kdiff3-1.8.4/src/fileaccess.h:103:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open(const QFile::OpenMode flags); data/kdiff3-1.8.4/src/gnudiff_analyze.cpp:398:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *discarded[2]; data/kdiff3-1.8.4/src/gnudiff_analyze.cpp:426:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. discarded[0] = (char *)zalloc(filevec[0].buffered_lines + filevec[1].buffered_lines); data/kdiff3-1.8.4/src/gnudiff_diff.h:368:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (memcpy(xmalloc(sizeof(*Src) * (Num)), (Src), sizeof(*Src) * (Num))) data/kdiff3-1.8.4/src/kdiff3.cpp:531:33: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fileOpen = KStandardAction::open(this, &KDiff3App::slotFileOpen, ac); data/kdiff3-1.8.4/src/kdiff3_part.cpp:151:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(!file.open(QIODevice::ReadOnly)) data/kdiff3-1.8.4/src/main.cpp:40:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(configFile.open(QIODevice::ReadOnly)) data/kdiff3-1.8.4/test/alignmenttest.cpp:184:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( file.open(QIODevice::ReadOnly) ) data/kdiff3-1.8.4/test/alignmenttest.cpp:205:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( file.open(QIODevice::WriteOnly) ) data/kdiff3-1.8.4/diff_ext_for_kdiff3/diff_ext.cpp:386:7: [1] (buffer) lstrcpyn: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). lstrcpyn( (LPTSTR)pszName, fromQString(helpString).c_str(), cchMax ); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:308:5: [1] (buffer) _tcsncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). _tcsncpy(class_id, tmp_guid, MAX_PATH); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:336:85: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = RegSetValueEx(key, entry[i].name, 0, REG_SZ, (LPBYTE)szData, DWORD(_tcslen(szData)*sizeof(TCHAR))); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:347:75: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = RegSetValueEx(key, 0, 0, REG_SZ, (LPBYTE)class_id, DWORD(_tcslen(class_id)*sizeof(TCHAR))); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:361:81: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = RegSetValueEx(key, class_id, 0, REG_SZ, (LPBYTE)szData, DWORD(_tcslen(szData)*sizeof(TCHAR))); data/kdiff3-1.8.4/diff_ext_for_kdiff3/server.cpp:390:5: [1] (buffer) _tcsncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). _tcsncpy(class_id, tmp_guid, MAX_PATH); data/kdiff3-1.8.4/src/OptionItems.h:49:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(ValueMap*) = 0; data/kdiff3-1.8.4/src/OptionItems.h:113:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(ValueMap* config) override { *m_pVar = config->readEntry(m_saveName, m_defaultVal); } data/kdiff3-1.8.4/src/SourceData.cpp:328:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). qint64 size = f.read(buf, sizeof(buf)); data/kdiff3-1.8.4/src/diff.cpp:53:16: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. bool LineData::equal(const LineData& l1, const LineData& l2, bool bStrict) data/kdiff3-1.8.4/src/diff.cpp:887:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. LineData::equal(pldA[(*i3).getLineA()], pldB[(*i3A).getLineB()], false) && data/kdiff3-1.8.4/src/diff.cpp:904:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. LineData::equal(pldB[(*i3).getLineB()], pldA[(*i3B).getLineA()], false) && data/kdiff3-1.8.4/src/diff.cpp:920:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. LineData::equal(pldC[(*i3).getLineC()], pldA[(*i3C).getLineA()], false) && data/kdiff3-1.8.4/src/diff.cpp:942:51: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(i3A->getLineB() != -1 && LineData::equal(pldA[i3A->getLineA()], pldB[i3A->getLineB()], false)) data/kdiff3-1.8.4/src/diff.cpp:947:52: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. (i3A->getLineC() != -1 && LineData::equal(pldA[i3A->getLineA()], pldC[i3A->getLineC()], false))) data/kdiff3-1.8.4/src/diff.cpp:964:51: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(i3B->getLineA() != -1 && LineData::equal(pldA[i3B->getLineA()], pldB[i3B->getLineB()], false)) data/kdiff3-1.8.4/src/diff.cpp:969:52: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. (i3B->getLineC() != -1 && LineData::equal(pldB[i3B->getLineB()], pldC[i3B->getLineC()], false))) data/kdiff3-1.8.4/src/diff.cpp:986:51: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(i3C->getLineA() != -1 && LineData::equal(pldA[i3C->getLineA()], pldC[i3C->getLineC()], false)) data/kdiff3-1.8.4/src/diff.cpp:991:52: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. (i3C->getLineB() != -1 && LineData::equal(pldB[i3C->getLineB()], pldC[i3C->getLineC()], false))) data/kdiff3-1.8.4/src/diff.cpp:1013:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(i->getLineC() != -1 && LineData::equal(pldA[i->getLineA()], pldC[i->getLineC()], false)) data/kdiff3-1.8.4/src/diff.cpp:1043:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(i->getLineB() != -1 && LineData::equal(pldA[i->getLineA()], pldB[i->getLineB()], false)) data/kdiff3-1.8.4/src/diff.cpp:1073:53: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(i->getLineA() != -1 && LineData::equal(pldA[i->getLineA()], pldB[i->getLineB()], false)) data/kdiff3-1.8.4/src/diff.h:100:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. static bool equal(const LineData& l1, const LineData& l2, bool bStrict); data/kdiff3-1.8.4/src/directorymergewindow.cpp:761:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(len != fi1.read(&buf1[0], len)) data/kdiff3-1.8.4/src/directorymergewindow.cpp:769:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(len != fi2.read(&buf2[0], len)) data/kdiff3-1.8.4/src/fileaccess.cpp:481:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). qint64 reallyRead = read((char*)pDestBuffer + i, nextLength); data/kdiff3-1.8.4/src/fileaccess.cpp:643:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). qint64 FileAccess::read(char* data, const qint64 maxlen) data/kdiff3-1.8.4/src/fileaccess.cpp:655:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = realFile->read(data, maxlen); data/kdiff3-1.8.4/src/fileaccess.cpp:663:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = tmpFile->read(data, maxlen); data/kdiff3-1.8.4/src/fileaccess.h:105:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). qint64 read(char* data, const qint64 maxlen); data/kdiff3-1.8.4/src/optiondialog.cpp:212:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(ValueMap* config) override data/kdiff3-1.8.4/src/optiondialog.cpp:325:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(ValueMap* config) override data/kdiff3-1.8.4/src/optiondialog.cpp:467:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(ValueMap* config) override data/kdiff3-1.8.4/src/optiondialog.cpp:1704:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (*i)->read(&cvm); data/kdiff3-1.8.4/src/optiondialog.cpp:1732:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (*j)->read(&config); // use the internal conversion from string to the needed value. data/kdiff3-1.8.4/test/alignmenttest.cpp:219:90: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. bool dataIsConsistent(int line1, QString &line1Text, int line2, QString &line2Text, bool equal) data/kdiff3-1.8.4/test/alignmenttest.cpp:225:21: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. consistent = !equal; data/kdiff3-1.8.4/test/alignmenttest.cpp:238:10: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(equal) data/kdiff3-1.8.4/test/alignmenttest.cpp:244:24: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. consistent = !equal; data/kdiff3-1.8.4/test/alignmenttest.cpp:307:10: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while(equal && (p_actual != actualDiff3LineList.end())) data/kdiff3-1.8.4/test/alignmenttest.cpp:389:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. else if(equal) data/kdiff3-1.8.4/test/alignmenttest.cpp:409:11: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return equal; ANALYSIS SUMMARY: Hits = 93 Lines analyzed = 29473 in approximately 0.69 seconds (42696 lines/second) Physical Source Lines of Code (SLOC) = 23150 Hits@level = [0] 0 [1] 42 [2] 39 [3] 0 [4] 11 [5] 1 Hits@level+ = [0+] 93 [1+] 93 [2+] 51 [3+] 12 [4+] 12 [5+] 1 Hits/KSLOC@level+ = [0+] 4.01728 [1+] 4.01728 [2+] 2.20302 [3+] 0.518359 [4+] 0.518359 [5+] 0.0431965 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.