Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kinfocenter-5.19.5/Modules/devinfo/qvlistlayout.h
Examining data/kinfocenter-5.19.5/Modules/devinfo/soldevicetypes.h
Examining data/kinfocenter-5.19.5/Modules/devinfo/devinfo.h
Examining data/kinfocenter-5.19.5/Modules/devinfo/nicsignals.cpp
Examining data/kinfocenter-5.19.5/Modules/devinfo/devicelisting.cpp
Examining data/kinfocenter-5.19.5/Modules/devinfo/devicelisting.h
Examining data/kinfocenter-5.19.5/Modules/devinfo/infopanel.cpp
Examining data/kinfocenter-5.19.5/Modules/devinfo/qvlistlayout.cpp
Examining data/kinfocenter-5.19.5/Modules/devinfo/solidhelper.h
Examining data/kinfocenter-5.19.5/Modules/devinfo/soldevice.h
Examining data/kinfocenter-5.19.5/Modules/devinfo/devinfo.cpp
Examining data/kinfocenter-5.19.5/Modules/devinfo/solidhelper.cpp
Examining data/kinfocenter-5.19.5/Modules/devinfo/nicsignals.h
Examining data/kinfocenter-5.19.5/Modules/devinfo/soldevicetypes.cpp
Examining data/kinfocenter-5.19.5/Modules/devinfo/infopanel.h
Examining data/kinfocenter-5.19.5/Modules/devinfo/soldevice.cpp
Examining data/kinfocenter-5.19.5/Modules/samba/main.cpp
Examining data/kinfocenter-5.19.5/Modules/samba/ksambasharemodel.h
Examining data/kinfocenter-5.19.5/Modules/samba/autotests/ksambasharemodeltest.cpp
Examining data/kinfocenter-5.19.5/Modules/samba/autotests/smbmountmodeltest.cpp
Examining data/kinfocenter-5.19.5/Modules/samba/ksambasharemodel.cpp
Examining data/kinfocenter-5.19.5/Modules/samba/smbmountmodel.h
Examining data/kinfocenter-5.19.5/Modules/samba/smbmountmodel.cpp
Examining data/kinfocenter-5.19.5/Modules/pci/kpci_private.h
Examining data/kinfocenter-5.19.5/Modules/pci/kpci.cpp
Examining data/kinfocenter-5.19.5/Modules/pci/kcm_pci.h
Examining data/kinfocenter-5.19.5/Modules/pci/kcm_pci.cpp
Examining data/kinfocenter-5.19.5/Modules/pci/kpci.h
Examining data/kinfocenter-5.19.5/Modules/nics/nic.h
Examining data/kinfocenter-5.19.5/Modules/nics/nic.cpp
Examining data/kinfocenter-5.19.5/Modules/energy/kcm.cpp
Examining data/kinfocenter-5.19.5/Modules/energy/kcm.h
Examining data/kinfocenter-5.19.5/Modules/energy/statisticsprovider.cpp
Examining data/kinfocenter-5.19.5/Modules/energy/wakeupmodel.h
Examining data/kinfocenter-5.19.5/Modules/energy/wakeupmodel.cpp
Examining data/kinfocenter-5.19.5/Modules/energy/batterymodel.cpp
Examining data/kinfocenter-5.19.5/Modules/energy/statisticsprovider.h
Examining data/kinfocenter-5.19.5/Modules/energy/batterymodel.h
Examining data/kinfocenter-5.19.5/Modules/fileindexermonitor/kcm.cpp
Examining data/kinfocenter-5.19.5/Modules/fileindexermonitor/kcm.h
Examining data/kinfocenter-5.19.5/Modules/memory/physicalMemoryChart.h
Examining data/kinfocenter-5.19.5/Modules/memory/memory.h
Examining data/kinfocenter-5.19.5/Modules/memory/chartWidget.h
Examining data/kinfocenter-5.19.5/Modules/memory/memory_linux.cpp
Examining data/kinfocenter-5.19.5/Modules/memory/chartWidget.cpp
Examining data/kinfocenter-5.19.5/Modules/memory/memory.cpp
Examining data/kinfocenter-5.19.5/Modules/memory/totalMemoryChart.h
Examining data/kinfocenter-5.19.5/Modules/memory/swapMemoryChart.h
Examining data/kinfocenter-5.19.5/Modules/memory/swapMemoryChart.cpp
Examining data/kinfocenter-5.19.5/Modules/memory/memory_fbsd.cpp
Examining data/kinfocenter-5.19.5/Modules/memory/totalMemoryChart.cpp
Examining data/kinfocenter-5.19.5/Modules/memory/physicalMemoryChart.cpp
Examining data/kinfocenter-5.19.5/Modules/memory/memory_netbsd.cpp
Examining data/kinfocenter-5.19.5/Modules/memory/base.h
Examining data/kinfocenter-5.19.5/Modules/base/info_fbsd.cpp
Examining data/kinfocenter-5.19.5/Modules/base/info_generic.cpp
Examining data/kinfocenter-5.19.5/Modules/base/info_netbsd.cpp
Examining data/kinfocenter-5.19.5/Modules/base/info_wayland.h
Examining data/kinfocenter-5.19.5/Modules/base/info_linux.cpp
Examining data/kinfocenter-5.19.5/Modules/base/os_base.h
Examining data/kinfocenter-5.19.5/Modules/base/info_wayland.cpp
Examining data/kinfocenter-5.19.5/Modules/base/os_current.h
Examining data/kinfocenter-5.19.5/Modules/base/os_current.cpp
Examining data/kinfocenter-5.19.5/Modules/base/info_openbsd.cpp
Examining data/kinfocenter-5.19.5/Modules/view1394/view1394.h
Examining data/kinfocenter-5.19.5/Modules/view1394/view1394.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/Module.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/MemoryEntry.h
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/PlasmaEntry.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/SectionLabel.h
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/KernelEntry.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/CPUEntry.h
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/CPUEntry.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/BitEntry.h
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/SectionLabel.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/KernelEntry.h
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/main.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/Module.h
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/GPUEntry.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/Entry.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/PlasmaEntry.h
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/GPUEntry.h
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/MemoryEntry.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/FancyString.h
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/FancyString.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/BitEntry.cpp
Examining data/kinfocenter-5.19.5/Modules/about-distro/src/Entry.h
Examining data/kinfocenter-5.19.5/Modules/opengl/opengl.cpp
Examining data/kinfocenter-5.19.5/Modules/opengl/opengl.h
Examining data/kinfocenter-5.19.5/Modules/info/info.cpp
Examining data/kinfocenter-5.19.5/Modules/info/main.cpp
Examining data/kinfocenter-5.19.5/Modules/info/info.h
Examining data/kinfocenter-5.19.5/Modules/usbview/usbdevices.h
Examining data/kinfocenter-5.19.5/Modules/usbview/kcmusb.cpp
Examining data/kinfocenter-5.19.5/Modules/usbview/kcmusb.h
Examining data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp
Examining data/kinfocenter-5.19.5/Modules/usbview/usbdb.h
Examining data/kinfocenter-5.19.5/Modules/usbview/usbdb.cpp

FINAL RESULTS:

data/kinfocenter-5.19.5/Modules/about-distro/src/Entry.cpp:65:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  return QLocale::system();
data/kinfocenter-5.19.5/Modules/about-distro/src/Entry.cpp:70:21: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  return QLocale::system();
data/kinfocenter-5.19.5/Modules/about-distro/src/Module.cpp:67:18: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (QLocale::system().language() == QLocale::English || QLocale::system().language() == QLocale::C) {
data/kinfocenter-5.19.5/Modules/about-distro/src/Module.cpp:67:70: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (QLocale::system().language() == QLocale::English || QLocale::system().language() == QLocale::C) {
data/kinfocenter-5.19.5/Modules/base/info_fbsd.cpp:103:14: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if ((pipe = popen(cmd.toLatin1(), "r")) == NULL) {
data/kinfocenter-5.19.5/Modules/base/info_fbsd.cpp:196:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  tmp.sprintf(hexmode ? "0x%lx" : "%lu", res->dr_start);
data/kinfocenter-5.19.5/Modules/base/info_fbsd.cpp:199:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  tmp.sprintf(hexmode ? "-0x%lx" : "-%lu",
data/kinfocenter-5.19.5/Modules/base/info_fbsd.cpp:206:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  tmp.sprintf(" (%s)", dev->dd_name);
data/kinfocenter-5.19.5/Modules/base/info_fbsd.cpp:208:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  tmp.sprintf(" ----");
data/kinfocenter-5.19.5/Modules/base/info_netbsd.cpp:57:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  pipe = popen("/sbin/dmesg", "r");
data/kinfocenter-5.19.5/Modules/base/info_openbsd.cpp:53:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  pipe = popen("/sbin/dmesg", "r");
data/kinfocenter-5.19.5/Modules/base/info_openbsd.cpp:121:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  s.sprintf("%02d%s", irqnum, p);
data/kinfocenter-5.19.5/Modules/base/info_openbsd.cpp:123:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  s.sprintf("??%s", p);
data/kinfocenter-5.19.5/Modules/base/info_linux.cpp:62:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly)) {
data/kinfocenter-5.19.5/Modules/base/info_linux.cpp:105:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.exists() && file.open(QIODevice::ReadOnly)) {
data/kinfocenter-5.19.5/Modules/base/info_netbsd.cpp:53:32: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (dmesg->exists() && dmesg->open(QIODevice::ReadOnly)) {
data/kinfocenter-5.19.5/Modules/base/info_netbsd.cpp:100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numstr[3];
data/kinfocenter-5.19.5/Modules/base/info_netbsd.cpp:109:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(numstr, "??");
data/kinfocenter-5.19.5/Modules/base/info_openbsd.cpp:49:32: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (dmesg->exists() && dmesg->open(QIODevice::ReadOnly)) {
data/kinfocenter-5.19.5/Modules/base/info_openbsd.cpp:119:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  irqnum = (pos < 0) ? 0 : atoi(&p[pos+5]);
data/kinfocenter-5.19.5/Modules/memory/memory_linux.cpp:27:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.open(QIODevice::ReadOnly)) {
data/kinfocenter-5.19.5/Modules/memory/memory_linux.cpp:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];
data/kinfocenter-5.19.5/Modules/nics/nic.cpp:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8*1024];
data/kinfocenter-5.19.5/Modules/nics/nic.cpp:267:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/kinfocenter-5.19.5/Modules/pci/kpci.cpp:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nameBuffer[NAME_BUFFER_SIZE];
data/kinfocenter-5.19.5/Modules/pci/kpci.cpp:506:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(reinterpret_cast<void*>(&infoPm.raw[0]), reinterpret_cast<void*>(&info->raw[offset+2]), sizeof(pmInfo));
data/kinfocenter-5.19.5/Modules/pci/kpci.cpp:543:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(reinterpret_cast<void*>(&infoAgp.raw[0]), reinterpret_cast<void*>(&info->raw[offset+2]), sizeof(agpInfo));
data/kinfocenter-5.19.5/Modules/pci/kpci.cpp:591:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(reinterpret_cast<void*>(&infoVpd.raw[0]), reinterpret_cast<void*>(&info->raw[offset+2]), sizeof(vpdInfo));
data/kinfocenter-5.19.5/Modules/pci/kpci.cpp:604:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(reinterpret_cast<void*>(&infoMsi.raw[0]), reinterpret_cast<void*>(&info->raw[offset+2]), 2);
data/kinfocenter-5.19.5/Modules/pci/kpci.cpp:613:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(reinterpret_cast<void*>(&infoMsi.raw[0]), reinterpret_cast<void*>(&info->raw[offset+size]), 2);
data/kinfocenter-5.19.5/Modules/pci/kpci_private.h:58:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char raw[256];
data/kinfocenter-5.19.5/Modules/pci/kpci_private.h:152:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char reserved1[7];
data/kinfocenter-5.19.5/Modules/pci/kpci_private.h:215:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char reserved2[3];
data/kinfocenter-5.19.5/Modules/pci/kpci_private.h:305:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char raw[10];
data/kinfocenter-5.19.5/Modules/pci/kpci_private.h:360:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char raw[6];
data/kinfocenter-5.19.5/Modules/pci/kpci_private.h:403:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char raw[6];
data/kinfocenter-5.19.5/Modules/pci/kpci_private.h:412:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char raw[22];
data/kinfocenter-5.19.5/Modules/usbview/usbdb.cpp:37:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (f.open(QIODevice::ReadOnly)) {
data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp:52:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256];
data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp:54:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd =:: open(QFile::encodeName(fname).constData(), O_RDONLY);
data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[11];
data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256];
data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp:241:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd =:: open(QFile::encodeName(fname).constData(), O_RDONLY);
data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp:400:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( controller.open(QIODevice::ReadOnly) )
data/kinfocenter-5.19.5/Modules/view1394/view1394.cpp:227:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];
data/kinfocenter-5.19.5/Modules/view1394/view1394.cpp:304:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QIODevice::ReadOnly | QIODevice::Text))
data/kinfocenter-5.19.5/Modules/view1394/view1394.cpp:319:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QIODevice::ReadOnly))
data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp:61:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((count = ::read(fd, buffer, 256)) > 0)
data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp:126:3: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  sscanf(line.toLocal8Bit().data(), "D: Ver=%x.%x Cls=%x(%10s) Sub=%x Prot=%x MxPS=%u #Cfgs=%u", &_verMajor, &_verMinor, &_class, buffer, &_sub, &_prot, &_maxPacketSize, &_configs);
data/kinfocenter-5.19.5/Modules/usbview/usbdevices.cpp:248:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((count = ::read(fd, buffer, 256)) > 0)

ANALYSIS SUMMARY:

Hits = 50
Lines analyzed = 11731 in approximately 0.44 seconds (26578 lines/second)
Physical Source Lines of Code (SLOC) = 8207
Hits@level = [0] 7 [1] 3 [2] 34 [3] 0 [4] 13 [5] 0
Hits@level+ = [0+] 57 [1+] 50 [2+] 47 [3+] 13 [4+] 13 [5+] 0
Hits/KSLOC@level+ = [0+] 6.94529 [1+] 6.09236 [2+] 5.72682 [3+] 1.58401 [4+] 1.58401 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.