Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/quassel-0.13.1/3rdparty/miniz/miniz.c
Examining data/quassel-0.13.1/3rdparty/sha512/sha512.c
Examining data/quassel-0.13.1/3rdparty/sha512/sha512.h
Examining data/quassel-0.13.1/dev-notes/blanksettingspage.cpp
Examining data/quassel-0.13.1/dev-notes/blanksettingspage.h
Examining data/quassel-0.13.1/src/client/abstractmessageprocessor.cpp
Examining data/quassel-0.13.1/src/client/abstractmessageprocessor.h
Examining data/quassel-0.13.1/src/client/abstractui.h
Examining data/quassel-0.13.1/src/client/backlogsettings.h
Examining data/quassel-0.13.1/src/client/buffermodel.cpp
Examining data/quassel-0.13.1/src/client/buffermodel.h
Examining data/quassel-0.13.1/src/client/buffersettings.cpp
Examining data/quassel-0.13.1/src/client/buffersettings.h
Examining data/quassel-0.13.1/src/client/bufferviewoverlay.h
Examining data/quassel-0.13.1/src/client/client.cpp
Examining data/quassel-0.13.1/src/client/client.h
Examining data/quassel-0.13.1/src/client/clientaliasmanager.cpp
Examining data/quassel-0.13.1/src/client/clientaliasmanager.h
Examining data/quassel-0.13.1/src/client/clientauthhandler.cpp
Examining data/quassel-0.13.1/src/client/clientauthhandler.h
Examining data/quassel-0.13.1/src/client/clientbacklogmanager.h
Examining data/quassel-0.13.1/src/client/clientbufferviewconfig.cpp
Examining data/quassel-0.13.1/src/client/clientbufferviewconfig.h
Examining data/quassel-0.13.1/src/client/clientbufferviewmanager.cpp
Examining data/quassel-0.13.1/src/client/clientbufferviewmanager.h
Examining data/quassel-0.13.1/src/client/clientidentity.cpp
Examining data/quassel-0.13.1/src/client/clientidentity.h
Examining data/quassel-0.13.1/src/client/clientignorelistmanager.cpp
Examining data/quassel-0.13.1/src/client/clientignorelistmanager.h
Examining data/quassel-0.13.1/src/client/clientirclisthelper.cpp
Examining data/quassel-0.13.1/src/client/clientirclisthelper.h
Examining data/quassel-0.13.1/src/client/clientsettings.h
Examining data/quassel-0.13.1/src/client/clienttransfer.cpp
Examining data/quassel-0.13.1/src/client/clienttransfer.h
Examining data/quassel-0.13.1/src/client/clienttransfermanager.cpp
Examining data/quassel-0.13.1/src/client/clienttransfermanager.h
Examining data/quassel-0.13.1/src/client/clientuserinputhandler.cpp
Examining data/quassel-0.13.1/src/client/clientuserinputhandler.h
Examining data/quassel-0.13.1/src/client/coreaccount.cpp
Examining data/quassel-0.13.1/src/client/coreaccount.h
Examining data/quassel-0.13.1/src/client/coreaccountmodel.h
Examining data/quassel-0.13.1/src/client/coreconnection.cpp
Examining data/quassel-0.13.1/src/client/coreconnection.h
Examining data/quassel-0.13.1/src/client/execwrapper.cpp
Examining data/quassel-0.13.1/src/client/execwrapper.h
Examining data/quassel-0.13.1/src/client/irclistmodel.cpp
Examining data/quassel-0.13.1/src/client/irclistmodel.h
Examining data/quassel-0.13.1/src/client/messagefilter.h
Examining data/quassel-0.13.1/src/client/messagemodel.h
Examining data/quassel-0.13.1/src/client/networkmodel.h
Examining data/quassel-0.13.1/src/client/selectionmodelsynchronizer.cpp
Examining data/quassel-0.13.1/src/client/selectionmodelsynchronizer.h
Examining data/quassel-0.13.1/src/client/transfermodel.cpp
Examining data/quassel-0.13.1/src/client/transfermodel.h
Examining data/quassel-0.13.1/src/client/treemodel.cpp
Examining data/quassel-0.13.1/src/client/treemodel.h
Examining data/quassel-0.13.1/src/client/coreaccountmodel.cpp
Examining data/quassel-0.13.1/src/client/messagemodel.cpp
Examining data/quassel-0.13.1/src/client/networkmodel.cpp
Examining data/quassel-0.13.1/src/client/clientsettings.cpp
Examining data/quassel-0.13.1/src/client/backlogrequester.cpp
Examining data/quassel-0.13.1/src/client/backlogrequester.h
Examining data/quassel-0.13.1/src/client/bufferviewoverlay.cpp
Examining data/quassel-0.13.1/src/client/clientbacklogmanager.cpp
Examining data/quassel-0.13.1/src/client/messagefilter.cpp
Examining data/quassel-0.13.1/src/common/abstractcliparser.h
Examining data/quassel-0.13.1/src/common/abstractsignalwatcher.h
Examining data/quassel-0.13.1/src/common/aliasmanager.cpp
Examining data/quassel-0.13.1/src/common/aliasmanager.h
Examining data/quassel-0.13.1/src/common/authhandler.cpp
Examining data/quassel-0.13.1/src/common/authhandler.h
Examining data/quassel-0.13.1/src/common/backlogmanager.cpp
Examining data/quassel-0.13.1/src/common/backlogmanager.h
Examining data/quassel-0.13.1/src/common/basichandler.cpp
Examining data/quassel-0.13.1/src/common/basichandler.h
Examining data/quassel-0.13.1/src/common/bufferinfo.cpp
Examining data/quassel-0.13.1/src/common/bufferinfo.h
Examining data/quassel-0.13.1/src/common/buffersyncer.h
Examining data/quassel-0.13.1/src/common/bufferviewconfig.h
Examining data/quassel-0.13.1/src/common/bufferviewmanager.cpp
Examining data/quassel-0.13.1/src/common/bufferviewmanager.h
Examining data/quassel-0.13.1/src/common/cliparser.cpp
Examining data/quassel-0.13.1/src/common/cliparser.h
Examining data/quassel-0.13.1/src/common/compressor.cpp
Examining data/quassel-0.13.1/src/common/compressor.h
Examining data/quassel-0.13.1/src/common/coreinfo.cpp
Examining data/quassel-0.13.1/src/common/coreinfo.h
Examining data/quassel-0.13.1/src/common/ctcpevent.cpp
Examining data/quassel-0.13.1/src/common/ctcpevent.h
Examining data/quassel-0.13.1/src/common/dccconfig.cpp
Examining data/quassel-0.13.1/src/common/dccconfig.h
Examining data/quassel-0.13.1/src/common/deferredptr.h
Examining data/quassel-0.13.1/src/common/event.cpp
Examining data/quassel-0.13.1/src/common/event.h
Examining data/quassel-0.13.1/src/common/eventmanager.cpp
Examining data/quassel-0.13.1/src/common/eventmanager.h
Examining data/quassel-0.13.1/src/common/expressionmatch.cpp
Examining data/quassel-0.13.1/src/common/expressionmatch.h
Examining data/quassel-0.13.1/src/common/expressionmatchtests.cpp
Examining data/quassel-0.13.1/src/common/expressionmatchtests.h
Examining data/quassel-0.13.1/src/common/highlightrulemanager.cpp
Examining data/quassel-0.13.1/src/common/highlightrulemanager.h
Examining data/quassel-0.13.1/src/common/identity.cpp
Examining data/quassel-0.13.1/src/common/identity.h
Examining data/quassel-0.13.1/src/common/ignorelistmanager.cpp
Examining data/quassel-0.13.1/src/common/ignorelistmanager.h
Examining data/quassel-0.13.1/src/common/internalpeer.cpp
Examining data/quassel-0.13.1/src/common/internalpeer.h
Examining data/quassel-0.13.1/src/common/irccap.h
Examining data/quassel-0.13.1/src/common/ircchannel.cpp
Examining data/quassel-0.13.1/src/common/ircchannel.h
Examining data/quassel-0.13.1/src/common/ircevent.cpp
Examining data/quassel-0.13.1/src/common/ircevent.h
Examining data/quassel-0.13.1/src/common/irclisthelper.cpp
Examining data/quassel-0.13.1/src/common/irclisthelper.h
Examining data/quassel-0.13.1/src/common/ircuser.h
Examining data/quassel-0.13.1/src/common/keyevent.cpp
Examining data/quassel-0.13.1/src/common/keyevent.h
Examining data/quassel-0.13.1/src/common/logbacktrace_unix.cpp
Examining data/quassel-0.13.1/src/common/logbacktrace_win.cpp
Examining data/quassel-0.13.1/src/common/logger.cpp
Examining data/quassel-0.13.1/src/common/logger.h
Examining data/quassel-0.13.1/src/common/logmessage.cpp
Examining data/quassel-0.13.1/src/common/logmessage.h
Examining data/quassel-0.13.1/src/common/mac_utils.cpp
Examining data/quassel-0.13.1/src/common/mac_utils.h
Examining data/quassel-0.13.1/src/common/main.cpp
Examining data/quassel-0.13.1/src/common/message.cpp
Examining data/quassel-0.13.1/src/common/message.h
Examining data/quassel-0.13.1/src/common/messageevent.cpp
Examining data/quassel-0.13.1/src/common/messageevent.h
Examining data/quassel-0.13.1/src/common/network.h
Examining data/quassel-0.13.1/src/common/networkconfig.cpp
Examining data/quassel-0.13.1/src/common/networkconfig.h
Examining data/quassel-0.13.1/src/common/networkevent.cpp
Examining data/quassel-0.13.1/src/common/networkevent.h
Examining data/quassel-0.13.1/src/common/nickhighlightmatcher.cpp
Examining data/quassel-0.13.1/src/common/nickhighlightmatcher.h
Examining data/quassel-0.13.1/src/common/peer.cpp
Examining data/quassel-0.13.1/src/common/peer.h
Examining data/quassel-0.13.1/src/common/peerfactory.cpp
Examining data/quassel-0.13.1/src/common/peerfactory.h
Examining data/quassel-0.13.1/src/common/posixsignalwatcher.cpp
Examining data/quassel-0.13.1/src/common/posixsignalwatcher.h
Examining data/quassel-0.13.1/src/common/presetnetworks.cpp
Examining data/quassel-0.13.1/src/common/presetnetworks.h
Examining data/quassel-0.13.1/src/common/protocol.h
Examining data/quassel-0.13.1/src/common/protocols/datastream/datastreampeer.cpp
Examining data/quassel-0.13.1/src/common/protocols/datastream/datastreampeer.h
Examining data/quassel-0.13.1/src/common/protocols/legacy/legacypeer.cpp
Examining data/quassel-0.13.1/src/common/protocols/legacy/legacypeer.h
Examining data/quassel-0.13.1/src/common/qt5cliparser.cpp
Examining data/quassel-0.13.1/src/common/qt5cliparser.h
Examining data/quassel-0.13.1/src/common/quassel.cpp
Examining data/quassel-0.13.1/src/common/quassel.h
Examining data/quassel-0.13.1/src/common/remotepeer.cpp
Examining data/quassel-0.13.1/src/common/remotepeer.h
Examining data/quassel-0.13.1/src/common/serializers/serializers.h
Examining data/quassel-0.13.1/src/common/serializers/serializers.cpp
Examining data/quassel-0.13.1/src/common/settings.cpp
Examining data/quassel-0.13.1/src/common/settings.h
Examining data/quassel-0.13.1/src/common/signalproxy.cpp
Examining data/quassel-0.13.1/src/common/signalproxy.h
Examining data/quassel-0.13.1/src/common/singleton.h
Examining data/quassel-0.13.1/src/common/syncableobject.cpp
Examining data/quassel-0.13.1/src/common/syncableobject.h
Examining data/quassel-0.13.1/src/common/transfer.cpp
Examining data/quassel-0.13.1/src/common/transfer.h
Examining data/quassel-0.13.1/src/common/transfermanager.cpp
Examining data/quassel-0.13.1/src/common/transfermanager.h
Examining data/quassel-0.13.1/src/common/types.cpp
Examining data/quassel-0.13.1/src/common/util.cpp
Examining data/quassel-0.13.1/src/common/windowssignalwatcher.cpp
Examining data/quassel-0.13.1/src/common/windowssignalwatcher.h
Examining data/quassel-0.13.1/src/common/buffersyncer.cpp
Examining data/quassel-0.13.1/src/common/network.cpp
Examining data/quassel-0.13.1/src/common/types.h
Examining data/quassel-0.13.1/src/common/bufferviewconfig.cpp
Examining data/quassel-0.13.1/src/common/ircuser.cpp
Examining data/quassel-0.13.1/src/common/util.h
Examining data/quassel-0.13.1/src/core/abstractsqlstorage.cpp
Examining data/quassel-0.13.1/src/core/abstractsqlstorage.h
Examining data/quassel-0.13.1/src/core/authenticator.cpp
Examining data/quassel-0.13.1/src/core/authenticator.h
Examining data/quassel-0.13.1/src/core/cipher.cpp
Examining data/quassel-0.13.1/src/core/cipher.h
Examining data/quassel-0.13.1/src/core/core.h
Examining data/quassel-0.13.1/src/core/corealiasmanager.cpp
Examining data/quassel-0.13.1/src/core/corealiasmanager.h
Examining data/quassel-0.13.1/src/core/coreapplication.cpp
Examining data/quassel-0.13.1/src/core/coreapplication.h
Examining data/quassel-0.13.1/src/core/coreauthhandler.cpp
Examining data/quassel-0.13.1/src/core/coreauthhandler.h
Examining data/quassel-0.13.1/src/core/corebacklogmanager.cpp
Examining data/quassel-0.13.1/src/core/corebacklogmanager.h
Examining data/quassel-0.13.1/src/core/corebasichandler.cpp
Examining data/quassel-0.13.1/src/core/corebasichandler.h
Examining data/quassel-0.13.1/src/core/corebuffersyncer.h
Examining data/quassel-0.13.1/src/core/corebufferviewconfig.cpp
Examining data/quassel-0.13.1/src/core/corebufferviewconfig.h
Examining data/quassel-0.13.1/src/core/corebufferviewmanager.cpp
Examining data/quassel-0.13.1/src/core/corebufferviewmanager.h
Examining data/quassel-0.13.1/src/core/coredccconfig.cpp
Examining data/quassel-0.13.1/src/core/coredccconfig.h
Examining data/quassel-0.13.1/src/core/coreeventmanager.h
Examining data/quassel-0.13.1/src/core/corehighlightrulemanager.cpp
Examining data/quassel-0.13.1/src/core/corehighlightrulemanager.h
Examining data/quassel-0.13.1/src/core/coreidentity.cpp
Examining data/quassel-0.13.1/src/core/coreidentity.h
Examining data/quassel-0.13.1/src/core/coreignorelistmanager.cpp
Examining data/quassel-0.13.1/src/core/coreignorelistmanager.h
Examining data/quassel-0.13.1/src/core/coreircchannel.cpp
Examining data/quassel-0.13.1/src/core/coreircchannel.h
Examining data/quassel-0.13.1/src/core/coreirclisthelper.h
Examining data/quassel-0.13.1/src/core/coreircuser.cpp
Examining data/quassel-0.13.1/src/core/coreircuser.h
Examining data/quassel-0.13.1/src/core/corenetwork.cpp
Examining data/quassel-0.13.1/src/core/corenetwork.h
Examining data/quassel-0.13.1/src/core/corenetworkconfig.cpp
Examining data/quassel-0.13.1/src/core/corenetworkconfig.h
Examining data/quassel-0.13.1/src/core/coresession.cpp
Examining data/quassel-0.13.1/src/core/coresession.h
Examining data/quassel-0.13.1/src/core/coresessioneventprocessor.cpp
Examining data/quassel-0.13.1/src/core/coresessioneventprocessor.h
Examining data/quassel-0.13.1/src/core/coresettings.cpp
Examining data/quassel-0.13.1/src/core/coresettings.h
Examining data/quassel-0.13.1/src/core/coretransfer.cpp
Examining data/quassel-0.13.1/src/core/coretransfer.h
Examining data/quassel-0.13.1/src/core/coretransfermanager.cpp
Examining data/quassel-0.13.1/src/core/coretransfermanager.h
Examining data/quassel-0.13.1/src/core/coreuserinputhandler.cpp
Examining data/quassel-0.13.1/src/core/coreuserinputhandler.h
Examining data/quassel-0.13.1/src/core/coreusersettings.h
Examining data/quassel-0.13.1/src/core/ctcpparser.cpp
Examining data/quassel-0.13.1/src/core/ctcpparser.h
Examining data/quassel-0.13.1/src/core/eventstringifier.cpp
Examining data/quassel-0.13.1/src/core/eventstringifier.h
Examining data/quassel-0.13.1/src/core/identserver.cpp
Examining data/quassel-0.13.1/src/core/identserver.h
Examining data/quassel-0.13.1/src/core/ircparser.cpp
Examining data/quassel-0.13.1/src/core/ircparser.h
Examining data/quassel-0.13.1/src/core/ldapauthenticator.cpp
Examining data/quassel-0.13.1/src/core/ldapauthenticator.h
Examining data/quassel-0.13.1/src/core/netsplit.cpp
Examining data/quassel-0.13.1/src/core/netsplit.h
Examining data/quassel-0.13.1/src/core/oidentdconfiggenerator.cpp
Examining data/quassel-0.13.1/src/core/oidentdconfiggenerator.h
Examining data/quassel-0.13.1/src/core/postgresqlstorage.cpp
Examining data/quassel-0.13.1/src/core/postgresqlstorage.h
Examining data/quassel-0.13.1/src/core/sessionthread.cpp
Examining data/quassel-0.13.1/src/core/sessionthread.h
Examining data/quassel-0.13.1/src/core/sqlauthenticator.cpp
Examining data/quassel-0.13.1/src/core/sqlauthenticator.h
Examining data/quassel-0.13.1/src/core/sqlitestorage.cpp
Examining data/quassel-0.13.1/src/core/sqlitestorage.h
Examining data/quassel-0.13.1/src/core/sslserver.cpp
Examining data/quassel-0.13.1/src/core/sslserver.h
Examining data/quassel-0.13.1/src/core/storage.cpp
Examining data/quassel-0.13.1/src/core/storage.h
Examining data/quassel-0.13.1/src/core/core.cpp
Examining data/quassel-0.13.1/src/core/coreirclisthelper.cpp
Examining data/quassel-0.13.1/src/core/coreusersettings.cpp
Examining data/quassel-0.13.1/src/core/corebuffersyncer.cpp
Examining data/quassel-0.13.1/src/qtui/aboutdlg.cpp
Examining data/quassel-0.13.1/src/qtui/aboutdlg.h
Examining data/quassel-0.13.1/src/qtui/awaylogfilter.cpp
Examining data/quassel-0.13.1/src/qtui/awaylogfilter.h
Examining data/quassel-0.13.1/src/qtui/awaylogview.cpp
Examining data/quassel-0.13.1/src/qtui/awaylogview.h
Examining data/quassel-0.13.1/src/qtui/bufferwidget.cpp
Examining data/quassel-0.13.1/src/qtui/bufferwidget.h
Examining data/quassel-0.13.1/src/qtui/channellistdlg.cpp
Examining data/quassel-0.13.1/src/qtui/channellistdlg.h
Examining data/quassel-0.13.1/src/qtui/chatitem.h
Examining data/quassel-0.13.1/src/qtui/chatline.cpp
Examining data/quassel-0.13.1/src/qtui/chatline.h
Examining data/quassel-0.13.1/src/qtui/chatlinemodel.cpp
Examining data/quassel-0.13.1/src/qtui/chatlinemodel.h
Examining data/quassel-0.13.1/src/qtui/chatlinemodelitem.h
Examining data/quassel-0.13.1/src/qtui/chatmonitorfilter.cpp
Examining data/quassel-0.13.1/src/qtui/chatmonitorfilter.h
Examining data/quassel-0.13.1/src/qtui/chatmonitorview.cpp
Examining data/quassel-0.13.1/src/qtui/chatmonitorview.h
Examining data/quassel-0.13.1/src/qtui/chatscene.cpp
Examining data/quassel-0.13.1/src/qtui/chatscene.h
Examining data/quassel-0.13.1/src/qtui/chatview.h
Examining data/quassel-0.13.1/src/qtui/chatviewsearchbar.cpp
Examining data/quassel-0.13.1/src/qtui/chatviewsearchbar.h
Examining data/quassel-0.13.1/src/qtui/chatviewsearchcontroller.h
Examining data/quassel-0.13.1/src/qtui/chatviewsettings.cpp
Examining data/quassel-0.13.1/src/qtui/chatviewsettings.h
Examining data/quassel-0.13.1/src/qtui/columnhandleitem.cpp
Examining data/quassel-0.13.1/src/qtui/columnhandleitem.h
Examining data/quassel-0.13.1/src/qtui/coreconfigwizard.cpp
Examining data/quassel-0.13.1/src/qtui/coreconfigwizard.h
Examining data/quassel-0.13.1/src/qtui/coreconnectdlg.cpp
Examining data/quassel-0.13.1/src/qtui/coreconnectdlg.h
Examining data/quassel-0.13.1/src/qtui/coreconnectionstatuswidget.cpp
Examining data/quassel-0.13.1/src/qtui/coreconnectionstatuswidget.h
Examining data/quassel-0.13.1/src/qtui/coreinfodlg.cpp
Examining data/quassel-0.13.1/src/qtui/coreinfodlg.h
Examining data/quassel-0.13.1/src/qtui/coresessionwidget.cpp
Examining data/quassel-0.13.1/src/qtui/coresessionwidget.h
Examining data/quassel-0.13.1/src/qtui/debugbufferviewoverlay.cpp
Examining data/quassel-0.13.1/src/qtui/debugbufferviewoverlay.h
Examining data/quassel-0.13.1/src/qtui/debugconsole.cpp
Examining data/quassel-0.13.1/src/qtui/debugconsole.h
Examining data/quassel-0.13.1/src/qtui/debuglogdlg.cpp
Examining data/quassel-0.13.1/src/qtui/debuglogdlg.h
Examining data/quassel-0.13.1/src/qtui/debugmessagemodelfilter.cpp
Examining data/quassel-0.13.1/src/qtui/debugmessagemodelfilter.h
Examining data/quassel-0.13.1/src/qtui/dockmanagernotificationbackend.cpp
Examining data/quassel-0.13.1/src/qtui/dockmanagernotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/indicatornotificationbackend.cpp
Examining data/quassel-0.13.1/src/qtui/indicatornotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/inputwidget.cpp
Examining data/quassel-0.13.1/src/qtui/inputwidget.h
Examining data/quassel-0.13.1/src/qtui/ircconnectionwizard.cpp
Examining data/quassel-0.13.1/src/qtui/ircconnectionwizard.h
Examining data/quassel-0.13.1/src/qtui/knotificationbackend.cpp
Examining data/quassel-0.13.1/src/qtui/knotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/legacysystemtray.cpp
Examining data/quassel-0.13.1/src/qtui/legacysystemtray.h
Examining data/quassel-0.13.1/src/qtui/mainpage.cpp
Examining data/quassel-0.13.1/src/qtui/mainpage.h
Examining data/quassel-0.13.1/src/qtui/mainwin.h
Examining data/quassel-0.13.1/src/qtui/markerlineitem.cpp
Examining data/quassel-0.13.1/src/qtui/markerlineitem.h
Examining data/quassel-0.13.1/src/qtui/monoapplication.cpp
Examining data/quassel-0.13.1/src/qtui/monoapplication.h
Examining data/quassel-0.13.1/src/qtui/msgprocessorstatuswidget.cpp
Examining data/quassel-0.13.1/src/qtui/msgprocessorstatuswidget.h
Examining data/quassel-0.13.1/src/qtui/nicklistwidget.cpp
Examining data/quassel-0.13.1/src/qtui/nicklistwidget.h
Examining data/quassel-0.13.1/src/qtui/osxnotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/passwordchangedlg.cpp
Examining data/quassel-0.13.1/src/qtui/passwordchangedlg.h
Examining data/quassel-0.13.1/src/qtui/phononnotificationbackend.cpp
Examining data/quassel-0.13.1/src/qtui/phononnotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/qtmultimedianotificationbackend.cpp
Examining data/quassel-0.13.1/src/qtui/qtmultimedianotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/qtui.cpp
Examining data/quassel-0.13.1/src/qtui/qtui.h
Examining data/quassel-0.13.1/src/qtui/qtuiapplication.cpp
Examining data/quassel-0.13.1/src/qtui/qtuiapplication.h
Examining data/quassel-0.13.1/src/qtui/qtuimessageprocessor.cpp
Examining data/quassel-0.13.1/src/qtui/qtuimessageprocessor.h
Examining data/quassel-0.13.1/src/qtui/qtuisettings.cpp
Examining data/quassel-0.13.1/src/qtui/qtuisettings.h
Examining data/quassel-0.13.1/src/qtui/qtuistyle.cpp
Examining data/quassel-0.13.1/src/qtui/qtuistyle.h
Examining data/quassel-0.13.1/src/qtui/receivefiledlg.cpp
Examining data/quassel-0.13.1/src/qtui/receivefiledlg.h
Examining data/quassel-0.13.1/src/qtui/settingsdlg.h
Examining data/quassel-0.13.1/src/qtui/settingspagedlg.cpp
Examining data/quassel-0.13.1/src/qtui/settingspagedlg.h
Examining data/quassel-0.13.1/src/qtui/settingspages/aliasesmodel.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/aliasesmodel.h
Examining data/quassel-0.13.1/src/qtui/settingspages/aliasessettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/aliasessettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/appearancesettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/appearancesettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/backlogsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/backlogsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/bufferviewsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/chatmonitorsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/chatviewcolorsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/chatviewcolorsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/chatviewsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/chatviewsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/connectionsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/connectionsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/coreaccountsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/coreaccountsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/coreconnectionsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/coreconnectionsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/corehighlightsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/corehighlightsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/dccsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/dccsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/highlightsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/highlightsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/identitiessettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/identitiessettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/identityeditwidget.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/identityeditwidget.h
Examining data/quassel-0.13.1/src/qtui/settingspages/ignorelistmodel.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/ignorelistmodel.h
Examining data/quassel-0.13.1/src/qtui/settingspages/ignorelistsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/ignorelistsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/inputwidgetsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/inputwidgetsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/itemviewsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/itemviewsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/keysequencewidget.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/keysequencewidget.h
Examining data/quassel-0.13.1/src/qtui/settingspages/networkssettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/notificationssettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/notificationssettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/previewbufferview.h
Examining data/quassel-0.13.1/src/qtui/settingspages/shortcutsmodel.h
Examining data/quassel-0.13.1/src/qtui/settingspages/shortcutssettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/shortcutssettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/sonnetsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/sonnetsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/topicwidgetsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/topicwidgetsettingspage.h
Examining data/quassel-0.13.1/src/qtui/settingspages/networkssettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/shortcutsmodel.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/bufferviewsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/settingspages/chatmonitorsettingspage.cpp
Examining data/quassel-0.13.1/src/qtui/simplenetworkeditor.cpp
Examining data/quassel-0.13.1/src/qtui/simplenetworkeditor.h
Examining data/quassel-0.13.1/src/qtui/snorenotificationbackend.cpp
Examining data/quassel-0.13.1/src/qtui/snorenotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/sslinfodlg.cpp
Examining data/quassel-0.13.1/src/qtui/sslinfodlg.h
Examining data/quassel-0.13.1/src/qtui/statusnotifieritem.cpp
Examining data/quassel-0.13.1/src/qtui/statusnotifieritem.h
Examining data/quassel-0.13.1/src/qtui/statusnotifieritemdbus.cpp
Examining data/quassel-0.13.1/src/qtui/statusnotifieritemdbus.h
Examining data/quassel-0.13.1/src/qtui/systemtray.cpp
Examining data/quassel-0.13.1/src/qtui/systemtray.h
Examining data/quassel-0.13.1/src/qtui/systrayanimationnotificationbackend.cpp
Examining data/quassel-0.13.1/src/qtui/systrayanimationnotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/systraynotificationbackend.cpp
Examining data/quassel-0.13.1/src/qtui/systraynotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/taskbarnotificationbackend.cpp
Examining data/quassel-0.13.1/src/qtui/taskbarnotificationbackend.h
Examining data/quassel-0.13.1/src/qtui/titlesetter.cpp
Examining data/quassel-0.13.1/src/qtui/titlesetter.h
Examining data/quassel-0.13.1/src/qtui/topicwidget.cpp
Examining data/quassel-0.13.1/src/qtui/topicwidget.h
Examining data/quassel-0.13.1/src/qtui/verticaldock.cpp
Examining data/quassel-0.13.1/src/qtui/verticaldock.h
Examining data/quassel-0.13.1/src/qtui/webpreviewitem.cpp
Examining data/quassel-0.13.1/src/qtui/webpreviewitem.h
Examining data/quassel-0.13.1/src/qtui/chatitem.cpp
Examining data/quassel-0.13.1/src/qtui/chatlinemodelitem.cpp
Examining data/quassel-0.13.1/src/qtui/mainwin.cpp
Examining data/quassel-0.13.1/src/qtui/settingsdlg.cpp
Examining data/quassel-0.13.1/src/qtui/chatview.cpp
Examining data/quassel-0.13.1/src/qtui/chatviewsearchcontroller.cpp
Examining data/quassel-0.13.1/src/uisupport/aboutdata.cpp
Examining data/quassel-0.13.1/src/uisupport/aboutdata.h
Examining data/quassel-0.13.1/src/uisupport/abstractbuffercontainer.cpp
Examining data/quassel-0.13.1/src/uisupport/abstractbuffercontainer.h
Examining data/quassel-0.13.1/src/uisupport/abstractitemview.cpp
Examining data/quassel-0.13.1/src/uisupport/abstractitemview.h
Examining data/quassel-0.13.1/src/uisupport/abstractnotificationbackend.h
Examining data/quassel-0.13.1/src/uisupport/action.cpp
Examining data/quassel-0.13.1/src/uisupport/action.h
Examining data/quassel-0.13.1/src/uisupport/actioncollection.h
Examining data/quassel-0.13.1/src/uisupport/bufferhotlistfilter.cpp
Examining data/quassel-0.13.1/src/uisupport/bufferhotlistfilter.h
Examining data/quassel-0.13.1/src/uisupport/bufferview.cpp
Examining data/quassel-0.13.1/src/uisupport/bufferview.h
Examining data/quassel-0.13.1/src/uisupport/bufferviewfilter.h
Examining data/quassel-0.13.1/src/uisupport/bufferviewoverlayfilter.cpp
Examining data/quassel-0.13.1/src/uisupport/bufferviewoverlayfilter.h
Examining data/quassel-0.13.1/src/uisupport/clearablelineedit.cpp
Examining data/quassel-0.13.1/src/uisupport/clearablelineedit.h
Examining data/quassel-0.13.1/src/uisupport/clickable.cpp
Examining data/quassel-0.13.1/src/uisupport/clickable.h
Examining data/quassel-0.13.1/src/uisupport/clickablelabel.cpp
Examining data/quassel-0.13.1/src/uisupport/clickablelabel.h
Examining data/quassel-0.13.1/src/uisupport/colorbutton.cpp
Examining data/quassel-0.13.1/src/uisupport/colorbutton.h
Examining data/quassel-0.13.1/src/uisupport/contextmenuactionprovider.cpp
Examining data/quassel-0.13.1/src/uisupport/contextmenuactionprovider.h
Examining data/quassel-0.13.1/src/uisupport/flatproxymodel.cpp
Examining data/quassel-0.13.1/src/uisupport/flatproxymodel.h
Examining data/quassel-0.13.1/src/uisupport/fontselector.cpp
Examining data/quassel-0.13.1/src/uisupport/fontselector.h
Examining data/quassel-0.13.1/src/uisupport/graphicalui.cpp
Examining data/quassel-0.13.1/src/uisupport/graphicalui.h
Examining data/quassel-0.13.1/src/uisupport/icon.cpp
Examining data/quassel-0.13.1/src/uisupport/icon.h
Examining data/quassel-0.13.1/src/uisupport/kcmdlinewrapper.cpp
Examining data/quassel-0.13.1/src/uisupport/kcmdlinewrapper.h
Examining data/quassel-0.13.1/src/uisupport/multilineedit.cpp
Examining data/quassel-0.13.1/src/uisupport/multilineedit.h
Examining data/quassel-0.13.1/src/uisupport/networkmodelcontroller.h
Examining data/quassel-0.13.1/src/uisupport/nickview.cpp
Examining data/quassel-0.13.1/src/uisupport/nickview.h
Examining data/quassel-0.13.1/src/uisupport/nickviewfilter.cpp
Examining data/quassel-0.13.1/src/uisupport/nickviewfilter.h
Examining data/quassel-0.13.1/src/uisupport/qssparser.cpp
Examining data/quassel-0.13.1/src/uisupport/qssparser.h
Examining data/quassel-0.13.1/src/uisupport/resizingstackedwidget.cpp
Examining data/quassel-0.13.1/src/uisupport/resizingstackedwidget.h
Examining data/quassel-0.13.1/src/uisupport/settingspage.cpp
Examining data/quassel-0.13.1/src/uisupport/settingspage.h
Examining data/quassel-0.13.1/src/uisupport/styledlabel.cpp
Examining data/quassel-0.13.1/src/uisupport/styledlabel.h
Examining data/quassel-0.13.1/src/uisupport/tabcompleter.cpp
Examining data/quassel-0.13.1/src/uisupport/tabcompleter.h
Examining data/quassel-0.13.1/src/uisupport/toolbaractionprovider.h
Examining data/quassel-0.13.1/src/uisupport/treeviewtouch.cpp
Examining data/quassel-0.13.1/src/uisupport/treeviewtouch.h
Examining data/quassel-0.13.1/src/uisupport/uisettings.cpp
Examining data/quassel-0.13.1/src/uisupport/uisettings.h
Examining data/quassel-0.13.1/src/uisupport/uistyle.cpp
Examining data/quassel-0.13.1/src/uisupport/uistyle.h
Examining data/quassel-0.13.1/src/uisupport/networkmodelcontroller.cpp
Examining data/quassel-0.13.1/src/uisupport/toolbaractionprovider.cpp
Examining data/quassel-0.13.1/src/uisupport/bufferviewfilter.cpp
Examining data/quassel-0.13.1/src/uisupport/actioncollection.cpp
FINAL RESULTS:
data/quassel-0.13.1/3rdparty/sha512/sha512.c:49:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define polarssl_printf printf
data/quassel-0.13.1/src/core/core.cpp:95:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
Quassel::loadTranslation(QLocale::system());
data/quassel-0.13.1/src/qtui/qtui.cpp:58:66: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
Quassel::loadTranslation(uiSettings.value("Locale", QLocale::system()).value<QLocale>());
data/quassel-0.13.1/src/qtui/settingspages/appearancesettingspage.cpp:147:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale locale = uiSettings.value("Locale", QLocale::system()).value<QLocale>();
data/quassel-0.13.1/src/qtui/settingspages/appearancesettingspage.cpp:148:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (locale == QLocale::system())
data/quassel-0.13.1/src/qtui/settingspages/appearancesettingspage.cpp:270:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
locale = QLocale::system();
data/quassel-0.13.1/3rdparty/miniz/miniz.c:517:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_filename[MZ_ZIP_MAX_ARCHIVE_FILENAME_SIZE];
data/quassel-0.13.1/3rdparty/miniz/miniz.c:518:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_comment[MZ_ZIP_MAX_ARCHIVE_FILE_COMMENT_SIZE];
data/quassel-0.13.1/3rdparty/miniz/miniz.c:932:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char mz_validate_uint16[sizeof(mz_uint16)==2 ? 1 : -1];
data/quassel-0.13.1/3rdparty/miniz/miniz.c:933:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char mz_validate_uint32[sizeof(mz_uint32)==4 ? 1 : -1];
data/quassel-0.13.1/3rdparty/miniz/miniz.c:934:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char mz_validate_uint64[sizeof(mz_uint64)==8 ? 1 : -1];
data/quassel-0.13.1/3rdparty/miniz/miniz.c:1260:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pStream->next_out, pState->m_dict + pState->m_dict_ofs, n);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:1280:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pStream->next_out, pState->m_dict + pState->m_dict_ofs, n);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:1360:31: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define TINFL_MEMCPY(d, s, l) memcpy(d, s, l)
data/quassel-0.13.1/3rdparty/miniz/miniz.c:1949:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code_sizes_to_pack, &d->m_huff_code_sizes[0][0], num_lit_codes);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:1950:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code_sizes_to_pack + num_lit_codes, &d->m_huff_code_sizes[1][0], num_dist_codes);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:2246:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8 *)d->m_pOut_buf + d->m_out_buf_ofs, d->m_output_buf, bytes_to_copy);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:2347:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->m_dict + dst_pos, d->m_pSrc, n);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:2349:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->m_dict + TDEFL_LZ_DICT_SIZE + dst_pos, d->m_pSrc, MZ_MIN(n, (TDEFL_MAX_MATCH_LEN - 1) - dst_pos));
data/quassel-0.13.1/3rdparty/miniz/miniz.c:2625:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8 *)d->m_pOut_buf + d->m_out_buf_ofs, d->m_output_buf + d->m_output_flush_ofs, n);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:2753:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8*)p->m_pBuf + p->m_size, pBuf, len); p->m_size = new_size;
data/quassel-0.13.1/3rdparty/miniz/miniz.c:2823:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_buf.m_pBuf, pnghdr, 41);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:2885:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define MZ_FOPEN(f, m) fopen(f, m)
data/quassel-0.13.1/3rdparty/miniz/miniz.c:2901:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define MZ_FOPEN(f, m) fopen(f, m)
data/quassel-0.13.1/3rdparty/miniz/miniz.c:2933:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define MZ_FOPEN(f, m) fopen(f, m)
data/quassel-0.13.1/3rdparty/miniz/miniz.c:3026:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8*)pArray->m_p + orig_size * pArray->m_element_size, pElements, n * pArray->m_element_size);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:3287:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuf, (const mz_uint8 *)pZip->m_pState->m_pMem + file_ofs, s);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:3425:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pStat->m_filename, p + MZ_ZIP_CENTRAL_DIR_HEADER_SIZE, n); pStat->m_filename[n] = '\0';
data/quassel-0.13.1/3rdparty/miniz/miniz.c:3429:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pStat->m_comment, p + MZ_ZIP_CENTRAL_DIR_HEADER_SIZE + MZ_READ_LE16(p + MZ_ZIP_CDH_FILENAME_LEN_OFS) + MZ_READ_LE16(p + MZ_ZIP_CDH_EXTRA_LEN_OFS), n); pStat->m_comment[n] = '\0';
data/quassel-0.13.1/3rdparty/miniz/miniz.c:3443:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pFilename, p + MZ_ZIP_CENTRAL_DIR_HEADER_SIZE, n);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:4021:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8 *)pState->m_pMem + file_ofs, pBuf, n);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:4069:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mz_uint64 cur_ofs = 0; char buf[4096]; MZ_CLEAR_OBJ(buf);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:4249:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/quassel-0.13.1/3rdparty/miniz/miniz.c:4686:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(central_header, pSrc_central_header, MZ_ZIP_CENTRAL_DIR_HEADER_SIZE);
data/quassel-0.13.1/3rdparty/sha512/sha512.c:186:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512_process( sha512_context *ctx, const unsigned char data[128] )
data/quassel-0.13.1/3rdparty/sha512/sha512.c:277:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void *) (ctx->buffer + left), input, fill );
data/quassel-0.13.1/3rdparty/sha512/sha512.c:292:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void *) (ctx->buffer + left), input, ilen );
data/quassel-0.13.1/3rdparty/sha512/sha512.c:295:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sha512_padding[128] =
data/quassel-0.13.1/3rdparty/sha512/sha512.c:310:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512_finish( sha512_context *ctx, unsigned char output[64] )
data/quassel-0.13.1/3rdparty/sha512/sha512.c:314:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msglen[16];
data/quassel-0.13.1/3rdparty/sha512/sha512.c:348:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512( const unsigned char *input, size_t ilen,
data/quassel-0.13.1/3rdparty/sha512/sha512.c:349:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[64], int is384 )
data/quassel-0.13.1/3rdparty/sha512/sha512.c:364:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int sha512_file( const char *path, unsigned char output[64], int is384 )
data/quassel-0.13.1/3rdparty/sha512/sha512.c:364:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int sha512_file( const char *path, unsigned char output[64], int is384 )
data/quassel-0.13.1/3rdparty/sha512/sha512.c:369:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/quassel-0.13.1/3rdparty/sha512/sha512.c:371:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( ( f = fopen( path, "rb" ) ) == NULL )
data/quassel-0.13.1/3rdparty/sha512/sha512.c:401:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sum[64];
data/quassel-0.13.1/3rdparty/sha512/sha512.c:437:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] )
data/quassel-0.13.1/3rdparty/sha512/sha512.c:440:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmpbuf[64];
data/quassel-0.13.1/3rdparty/sha512/sha512.c:466:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512_hmac( const unsigned char *key, size_t keylen,
data/quassel-0.13.1/3rdparty/sha512/sha512.c:467:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *input, size_t ilen,
data/quassel-0.13.1/3rdparty/sha512/sha512.c:468:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[64], int is384 )
data/quassel-0.13.1/3rdparty/sha512/sha512.c:484:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha512_test_buf[3][113] =
data/quassel-0.13.1/3rdparty/sha512/sha512.c:497:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sha512_test_sum[6][64] =
data/quassel-0.13.1/3rdparty/sha512/sha512.c:553:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha512_hmac_test_key[7][26] =
data/quassel-0.13.1/3rdparty/sha512/sha512.c:573:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha512_hmac_test_buf[7][153] =
data/quassel-0.13.1/3rdparty/sha512/sha512.c:599:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sha512_hmac_test_sum[14][64] =
data/quassel-0.13.1/3rdparty/sha512/sha512.c:704:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/quassel-0.13.1/3rdparty/sha512/sha512.c:705:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sha512sum[64];
data/quassel-0.13.1/3rdparty/sha512/sha512.h:63:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[128]; /*!< data block being processed */
data/quassel-0.13.1/3rdparty/sha512/sha512.h:65:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ipad[128]; /*!< HMAC: inner padding */
data/quassel-0.13.1/3rdparty/sha512/sha512.h:66:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char opad[128]; /*!< HMAC: outer padding */
data/quassel-0.13.1/3rdparty/sha512/sha512.h:109:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512_finish( sha512_context *ctx, unsigned char output[64] );
data/quassel-0.13.1/3rdparty/sha512/sha512.h:131:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512( const unsigned char *input, size_t ilen,
data/quassel-0.13.1/3rdparty/sha512/sha512.h:132:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[64], int is384 );
data/quassel-0.13.1/3rdparty/sha512/sha512.h:143:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int sha512_file( const char *path, unsigned char output[64], int is384 );
data/quassel-0.13.1/3rdparty/sha512/sha512.h:143:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int sha512_file( const char *path, unsigned char output[64], int is384 );
data/quassel-0.13.1/3rdparty/sha512/sha512.h:172:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] );
data/quassel-0.13.1/3rdparty/sha512/sha512.h:191:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512_hmac( const unsigned char *key, size_t keylen,
data/quassel-0.13.1/3rdparty/sha512/sha512.h:192:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *input, size_t ilen,
data/quassel-0.13.1/3rdparty/sha512/sha512.h:193:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[64], int is384 );
data/quassel-0.13.1/3rdparty/sha512/sha512.h:203:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha512_process( sha512_context *ctx, const unsigned char data[128] );
data/quassel-0.13.1/src/client/clientauthhandler.cpp:556:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[64];
data/quassel-0.13.1/src/client/clienttransfer.cpp:81:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!_file->open(QFile::WriteOnly|QFile::Truncate)) {
data/quassel-0.13.1/src/common/compressor.cpp:126:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, _readBuffer.constData(), n);
data/quassel-0.13.1/src/common/compressor.cpp:149:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_writeBuffer.data() + pos, data, count);
data/quassel-0.13.1/src/common/identity.cpp:124:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR infoBuf[128];
data/quassel-0.13.1/src/common/identity.cpp:163:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR infoBuf[128];
data/quassel-0.13.1/src/common/logbacktrace_unix.cpp:42:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dumpFile.open(QIODevice::Append);
data/quassel-0.13.1/src/common/logbacktrace_win.cpp:154:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logFile.open(QIODevice::Append);
data/quassel-0.13.1/src/common/logger.cpp:105:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!_logFile.open(QFile::Append|QFile::Unbuffered|QFile::Text)) {
data/quassel-0.13.1/src/common/logger.cpp:110:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!_logFile.open(stderr, QFile::WriteOnly|QFile::Unbuffered|QFile::Text)) {
data/quassel-0.13.1/src/common/logger.cpp:241:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (dumpFile.open(QIODevice::Append)) {
data/quassel-0.13.1/src/common/quassel.cpp:368:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dumpFile.open(QIODevice::Append);
data/quassel-0.13.1/src/core/abstractsqlstorage.cpp:106:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!db.open()) {
data/quassel-0.13.1/src/core/abstractsqlstorage.cpp:184:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!queryFile.open(QIODevice::ReadOnly | QIODevice::Text))
data/quassel-0.13.1/src/core/abstractsqlstorage.cpp:657:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(stdout, QIODevice::WriteOnly);
data/quassel-0.13.1/src/core/oidentdconfiggenerator.cpp:121:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!_configFile->isOpen() && !_configFile->open(QIODevice::ReadOnly))
data/quassel-0.13.1/src/core/oidentdconfiggenerator.cpp:147:62: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool not_open = (!_configFile->isOpen() && !_configFile->open(QIODevice::ReadWrite | QIODevice::Text));
data/quassel-0.13.1/src/core/sslserver.cpp:144:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!certFile.open(QIODevice::ReadOnly)) {
data/quassel-0.13.1/src/core/sslserver.cpp:177:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!keyFile.open(QIODevice::ReadOnly)) {
data/quassel-0.13.1/src/core/storage.cpp:111:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[64];
data/quassel-0.13.1/src/qtui/qtui.cpp:377:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!indexFile.open(QFile::WriteOnly|QFile::Truncate)) {
data/quassel-0.13.1/src/qtui/qtuistyle.cpp:88:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!settingsQss.open(QFile::WriteOnly|QFile::Truncate)) {
data/quassel-0.13.1/src/qtui/settingspages/identityeditwidget.cpp:390:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
keyFile.open(QIODevice::ReadOnly);
data/quassel-0.13.1/src/qtui/settingspages/identityeditwidget.cpp:471:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
certFile.open(QIODevice::ReadOnly);
data/quassel-0.13.1/src/uisupport/uistyle.cpp:187:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QFile::ReadOnly)) {
data/quassel-0.13.1/3rdparty/miniz/miniz.c:3483:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const mz_uint filename_len = (mz_uint)strlen(pFilename);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:3505:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_len = strlen(pName); if (name_len > 0xFFFF) return -1;
data/quassel-0.13.1/3rdparty/miniz/miniz.c:3506:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comment_len = pComment ? strlen(pComment) : 0; if (comment_len > 0xFFFF) return -1;
data/quassel-0.13.1/3rdparty/miniz/miniz.c:4297:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
archive_name_size = strlen(pArchive_name);
data/quassel-0.13.1/3rdparty/miniz/miniz.c:4432:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
archive_name_size = strlen(pArchive_name);
data/quassel-0.13.1/src/client/clientauthhandler.cpp:243:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
socket()->read((char *)&reply, 4);
data/quassel-0.13.1/src/common/compressor.cpp:120:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qint64 Compressor::read(char *data, qint64 maxSize)
data/quassel-0.13.1/src/common/compressor.cpp:168:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_readBuffer.append(_socket->read(maxBufferSize - _readBuffer.size()));
data/quassel-0.13.1/src/common/compressor.cpp:181:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_inputBuffer.append(_socket->read(ioBufferSize - _inputBuffer.size()));
data/quassel-0.13.1/src/common/compressor.h:64:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qint64 read(char *data, qint64 maxSize);
data/quassel-0.13.1/src/common/main.cpp:79:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(S_IRWXG | S_IRWXO);
data/quassel-0.13.1/src/common/posixsignalwatcher.cpp:89:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
auto bytes = ::read(sockfd, &signal, sizeof(signal));
data/quassel-0.13.1/src/common/remotepeer.cpp:228:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_compressor->read((char*)&_msgSize, 4);
data/quassel-0.13.1/src/common/remotepeer.cpp:250:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qint64 bytesRead = _compressor->read(msg.data(), _msgSize);
data/quassel-0.13.1/src/common/syncableobject.cpp:105:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
properties[propName] = prop.read(this);
data/quassel-0.13.1/src/core/coreauthhandler.cpp:80:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
socket()->read((char*)&magic, 4); // read the 4 bytes we've just peeked at
data/quassel-0.13.1/src/core/coreauthhandler.cpp:86:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
socket()->read((char*)&data, 4);
data/quassel-0.13.1/src/core/coretransfer.cpp:149:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray data = _socket->read(chunkSize);
data/quassel-0.13.1/src/core/oidentdconfiggenerator.cpp:145:25: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mode_t prev_umask = umask(S_IXUSR | S_IWGRP | S_IXGRP | S_IWOTH | S_IXOTH); // == 0133, rw-r--r--
data/quassel-0.13.1/src/core/oidentdconfiggenerator.cpp:149:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(prev_umask);
data/quassel-0.13.1/src/qtui/settingspages/identityeditwidget.cpp:391:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray keyRaw = keyFile.read(2 << 20);
data/quassel-0.13.1/src/qtui/settingspages/identityeditwidget.cpp:472:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray certRaw = certFile.read(2 << 20);
ANALYSIS SUMMARY:
Hits = 119
Lines analyzed = 110110 in approximately 2.73 seconds (40265 lines/second)
Physical Source Lines of Code (SLOC) = 71392
Hits@level = [0] 12 [1] 22 [2] 91 [3] 0 [4] 6 [5] 0
Hits@level+ = [0+] 131 [1+] 119 [2+] 97 [3+] 6 [4+] 6 [5+] 0
Hits/KSLOC@level+ = [0+] 1.83494 [1+] 1.66685 [2+] 1.3587 [3+] 0.084043 [4+] 0.084043 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.