Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/qtserialbus-everywhere-src-5.15.2/config.tests/socketcan/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/config.tests/socketcan_fd/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/can/bitratebox.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/can/bitratebox.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/can/connectdialog.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/can/connectdialog.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/can/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/can/mainwindow.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/can/mainwindow.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/can/sendframebox.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/can/sendframebox.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/adueditor/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/adueditor/mainwindow.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/adueditor/mainwindow.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/adueditor/modbustcpclient.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/adueditor/modbustcpclient.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/adueditor/modbustcpclient_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/adueditor/plaintextedit.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/master/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/master/mainwindow.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/master/mainwindow.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/master/settingsdialog.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/master/settingsdialog.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/master/writeregistermodel.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/master/writeregistermodel.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/slave/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/slave/mainwindow.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/slave/mainwindow.h
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/slave/settingsdialog.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/examples/serialbus/modbus/slave/settingsdialog.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qcanbusdevice_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qcanbusdeviceinfo_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbus_symbols_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbusadu_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbusclient_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbuscommevent_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbusdevice_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbusrtuserialmaster_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbusrtuserialslave_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbusserver_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbustcpclient_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/5.15.2/QtSerialBus/private/qmodbustcpserver_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qcanbus.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qcanbusdevice.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qcanbusdeviceinfo.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qcanbusfactory.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qcanbusframe.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbusclient.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbusdataunit.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbusdevice.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbusdeviceidentification.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbuspdu.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbusreply.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbusrtuserialmaster.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbusrtuserialslave.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbusserver.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbustcpclient.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qmodbustcpserver.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qserialbusglobal.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qtserialbusglobal.h
Examining data/qtserialbus-everywhere-src-5.15.2/include/QtSerialBus/qtserialbusversion.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/j2534passthru.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/j2534passthru.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanbackend.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanbackend.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanio.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanio.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcan_symbols_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/libsocketcan.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/libsocketcan.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/socketcanbackend.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/socketcanbackend.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/systeccan_symbols_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/systeccanbackend.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/systeccanbackend.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/systeccanbackend_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycan_symbols_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycanbackend.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycanbackend.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycanbackend_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcan_symbols_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcanbackend.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcanbackend.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcanbackend_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/virtualcan/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/virtualcan/virtualcanbackend.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/virtualcan/virtualcanbackend.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/doc/snippets/snippetmain.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbus.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbus.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusdevice.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusdevice.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusdevice_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusdeviceinfo.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusdeviceinfo.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusdeviceinfo_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusfactory.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusfactory.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusframe.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusframe.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbus_symbols_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusadu_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbuscommevent_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusdataunit.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusdataunit.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusdevice.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusdevice.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusdevice_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusdeviceidentification.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusdeviceidentification.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbuspdu.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbuspdu.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusreply.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusreply.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialmaster.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialmaster.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialmaster_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialslave.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialslave.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialslave_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusserver.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusserver.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusserver_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpclient.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpclient.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpclient_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpserver.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpserver.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpserver_p.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qtserialbusglobal.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/tools/canbusutil/canbusutil.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/tools/canbusutil/canbusutil.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/tools/canbusutil/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/tools/canbusutil/readtask.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/tools/canbusutil/readtask.h
Examining data/qtserialbus-everywhere-src-5.15.2/src/tools/canbusutil/sigtermhandler.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/src/tools/canbusutil/sigtermhandler.h
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbus/dummybackend.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbus/dummybackend.h
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbus/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbusv1/dummybackendv1.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbusv1/dummybackendv1.h
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbusv1/main.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qcanbus/tst_qcanbus.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qcanbusdevice/tst_qcanbusdevice.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qcanbusframe/tst_qcanbusframe.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusadu/tst_qmodbusadu.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusclient/tst_qmodbusclient.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbuscommevent/tst_qmodbuscommevent.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusdataunit/tst_qmodbusdataunit.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusdevice/tst_qmodbusdevice.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusdeviceidentification/tst_qmodbusdeviceidentification.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbuspdu/tst_qmodbuspdu.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusreply/tst_qmodbusreply.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusrtuserialmaster/tst_qmodbusrtuserialmaster.cpp
Examining data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusserver/tst_qmodbusserver.cpp
FINAL RESULTS:
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/j2534passthru.cpp:115:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
PassThru::Status PassThru::open(const QByteArray &name, Handle *deviceId)
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/j2534passthru.h:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_data[maxSize];
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/j2534passthru.h:290:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Status open(const QByteArray &name, Handle *deviceId);
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanbackend.cpp:188:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool PassThruCanBackend::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanbackend.h:66:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanio.cpp:54:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void PassThruCanIO::open(const QString &library, const QByteArray &subDev, uint bitRate)
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanio.cpp:68:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
openStatus = m_passThru->open(subDev, &m_deviceId);
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanio.cpp:240:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(msg.data() + 4, payload.data(), payloadSize);
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/passthrucan/passthrucanio.h:65:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Q_INVOKABLE void open(const QString &library, const QByteArray &subDev, uint bitRate);
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend.cpp:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[6];
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend.cpp:134:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char description[256] = {0};
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend.cpp:319:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool PeakCanBackendPrivate::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend.cpp:731:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool PeakCanBackend::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend.cpp:736:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (Q_UNLIKELY(!d->open()))
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend.cpp:813:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend.h:62:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/peakcan/peakcanbackend_p.h:73:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open();
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/socketcanbackend.cpp:87:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/socketcanbackend.cpp:206:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool SocketCanBackend::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/socketcanbackend.cpp:500:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
::memcpy(frame.data, newData.payload().constData(), frame.len);
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/socketcanbackend.cpp:507:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
::memcpy(frame.data, newData.payload().constData(), frame.can_dlc);
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/socketcanbackend.h:92:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/socketcanbackend.h:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_ctrlmsg[CMSG_SPACE(sizeof(timeval)) + CMSG_SPACE(sizeof(__u32))];
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/systeccanbackend.cpp:192:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool SystecCanBackendPrivate::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/systeccanbackend.cpp:511:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool SystecCanBackend::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/systeccanbackend.cpp:515:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!d->open())
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/systeccanbackend.h:60:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/systeccan/systeccanbackend_p.h:86:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open();
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycan_symbols_p.h:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Chars[8];
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycanbackend.cpp:184:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool TinyCanBackendPrivate::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycanbackend.cpp:520:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool TinyCanBackend::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycanbackend.cpp:525:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!d->open()) {
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycanbackend.h:62:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/tinycan/tinycanbackend_p.h:67:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open();
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcan_symbols_p.h:488:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[XL_MAX_LENGTH + 1];
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcan_symbols_p.h:512:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char transceiverName[XL_MAX_LENGTH + 1]; // name for CANcab or another transceiver
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcan_symbols_p.h:562:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reserved1[2];
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcanbackend.cpp:168:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool VectorCanBackendPrivate::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcanbackend.cpp:568:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool VectorCanBackend::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcanbackend.cpp:572:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!d->open()) {
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcanbackend.h:61:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/vectorcan/vectorcanbackend_p.h:72:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open();
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/virtualcan/virtualcanbackend.cpp:200:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool VirtualCanBackend::open()
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/virtualcan/virtualcanbackend.h:83:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusdevice.cpp:907:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!open()) {
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qcanbusdevice.h:182:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual bool open() = 0;
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusdevice.cpp:253:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!open()) {
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusdevice.h:114:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual bool open() = 0;
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbuspdu.h:169:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[argCount] = { (encode(&stream, newData), void(), '0')... };
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbuspdu.h:177:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[argCount] = { (decode(&stream, newData), void(), '0')... };
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialmaster.cpp:149:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool QModbusRtuSerialMaster::open()
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialmaster.cpp:156:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (d->m_serialPort->open(QIODevice::ReadWrite)) {
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialmaster.h:65:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialslave.cpp:104:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool QModbusRtuSerialSlave::open()
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialslave.cpp:111:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (d->m_serialPort->open(QIODevice::ReadWrite)) {
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialslave.h:60:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpclient.cpp:85:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool QModbusTcpClient::open()
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpclient.h:58:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpserver.cpp:93:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool QModbusTcpServer::open()
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpserver.h:73:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbus/dummybackend.cpp:57:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool DummyBackend::open()
data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbus/dummybackend.h:52:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbusv1/dummybackendv1.cpp:57:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool DummyBackendV1::open()
data/qtserialbus-everywhere-src-5.15.2/tests/auto/plugins/genericcanbusv1/dummybackendv1.h:52:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qcanbusdevice/tst_qcanbusdevice.cpp:72:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open()
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusclient/tst_qmodbusclient.cpp:61:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override {
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusdevice/tst_qmodbusdevice.cpp:52:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override { return openState; }
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusserver/tst_qmodbusserver.cpp:54:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override {
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusserver/tst_qmodbusserver.cpp:1161:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override { return true; }
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/socketcan/socketcanbackend.cpp:142:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const QString deviceName = dirEntry.mid(strlen(sysClassNetC));
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/virtualcan/virtualcanbackend.cpp:134:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
list.append(command.mid(int(strlen("connect:"))));
data/qtserialbus-everywhere-src-5.15.2/src/plugins/canbus/virtualcan/virtualcanbackend.cpp:140:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
list.removeAll(command.mid(int(strlen("disconnect:"))));
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:91:69: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusReply *QModbusClient::sendReadRequest(const QModbusDataUnit &read, int serverAddress)
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:94:48: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return d->sendRequest(d->createReadRequest(read), serverAddress, &read);
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:94:71: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return d->sendRequest(d->createReadRequest(read), serverAddress, &read);
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:120:74: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusReply *QModbusClient::sendReadWriteRequest(const QModbusDataUnit &read,
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:124:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return d->sendRequest(d->createRWRequest(read, write), serverAddress, &read);
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:124:76: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return d->sendRequest(d->createRWRequest(read, write), serverAddress, &read);
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:337:77: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusRequest QModbusClientPrivate::createRWRequest(const QModbusDataUnit &read,
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:340:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((read.registerType() != QModbusDataUnit::HoldingRegisters)
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:346:79: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return QModbusRequest(QModbusRequest::ReadWriteMultipleRegisters, quint16(read.startAddress()),
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.cpp:347:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
quint16(read.valueCount()), quint16(write.startAddress()),
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.h:60:58: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusReply *sendReadRequest(const QModbusDataUnit &read, int serverAddress);
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient.h:62:63: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusReply *sendReadWriteRequest(const QModbusDataUnit &read, const QModbusDataUnit &write,
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusclient_p.h:68:59: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusRequest createRWRequest(const QModbusDataUnit &read, const QModbusDataUnit &write) const;
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbuspdu.cpp:146:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((read < 0) || (read != (size - offset))) {
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbuspdu.cpp:146:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((read < 0) || (read != (size - offset))) {
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbuspdu.cpp:151:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
offset += read;
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialmaster_p.h:111:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_responseBuffer += m_serialPort->read(m_serialPort->bytesAvailable());
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbusrtuserialslave_p.h:94:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_requestBuffer += m_serialPort->read(size);
data/qtserialbus-everywhere-src-5.15.2/src/serialbus/qmodbustcpclient_p.h:104:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
responseBuffer += m_socket->read(m_socket->bytesAvailable());
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qcanbusdevice/tst_qcanbusdevice.cpp:150:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read();
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qcanbusdevice/tst_qcanbusdevice.cpp:263:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void tst_QCanBusDevice::read()
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusclient/tst_qmodbusclient.cpp:357:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusDataUnit read(rc, address, count);
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusclient/tst_qmodbusclient.cpp:358:69: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusRequest request = client.d_func()->createReadRequest(read);
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusclient/tst_qmodbusclient.cpp:440:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusDataUnit read(rc, address, values.count());
data/qtserialbus-everywhere-src-5.15.2/tests/auto/qmodbusclient/tst_qmodbusclient.cpp:442:67: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QModbusRequest request = client.d_func()->createRWRequest(read, write);
ANALYSIS SUMMARY:
Hits = 97
Lines analyzed = 30160 in approximately 0.89 seconds (33865 lines/second)
Physical Source Lines of Code (SLOC) = 17234
Hits@level = [0] 1 [1] 28 [2] 69 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 98 [1+] 97 [2+] 69 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 5.68643 [1+] 5.62841 [2+] 4.00371 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.