Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/sachesi-2.0.4+ds/src/apps.cpp
Examining data/sachesi-2.0.4+ds/src/apps.h
Examining data/sachesi-2.0.4+ds/src/autoloaderwriter.h
Examining data/sachesi-2.0.4+ds/src/backupinfo.cpp
Examining data/sachesi-2.0.4+ds/src/backupinfo.h
Examining data/sachesi-2.0.4+ds/src/blitzinfo.h
Examining data/sachesi-2.0.4+ds/src/boot.cpp
Examining data/sachesi-2.0.4+ds/src/boot.h
Examining data/sachesi-2.0.4+ds/src/carrierinfo.h
Examining data/sachesi-2.0.4+ds/src/deviceinfo.h
Examining data/sachesi-2.0.4+ds/src/downloadinfo.h
Examining data/sachesi-2.0.4+ds/src/fs/fs.cpp
Examining data/sachesi-2.0.4+ds/src/fs/fs.h
Examining data/sachesi-2.0.4+ds/src/fs/ifs.cpp
Examining data/sachesi-2.0.4+ds/src/fs/ifs.h
Examining data/sachesi-2.0.4+ds/src/fs/qnx6.cpp
Examining data/sachesi-2.0.4+ds/src/fs/rcfs.cpp
Examining data/sachesi-2.0.4+ds/src/fs/rcfs.h
Examining data/sachesi-2.0.4+ds/src/fs/qnx6.h
Examining data/sachesi-2.0.4+ds/src/installer.cpp
Examining data/sachesi-2.0.4+ds/src/installer_auth.cpp
Examining data/sachesi-2.0.4+ds/src/installer_establish.cpp
Examining data/sachesi-2.0.4+ds/src/installer_qml.cpp
Examining data/sachesi-2.0.4+ds/src/ports.cpp
Examining data/sachesi-2.0.4+ds/src/ports.h
Examining data/sachesi-2.0.4+ds/src/sachesi.cpp
Examining data/sachesi-2.0.4+ds/src/search/discoveredrelease.h
Examining data/sachesi-2.0.4+ds/src/search/mainnet.cpp
Examining data/sachesi-2.0.4+ds/src/search/mainnet.h
Examining data/sachesi-2.0.4+ds/src/search/scanner.cpp
Examining data/sachesi-2.0.4+ds/src/search/scanner.h
Examining data/sachesi-2.0.4+ds/src/splitter.cpp
Examining data/sachesi-2.0.4+ds/src/splitter.h
Examining data/sachesi-2.0.4+ds/src/translator.h
Examining data/sachesi-2.0.4+ds/src/blitzinfo.cpp
Examining data/sachesi-2.0.4+ds/src/installer.h
FINAL RESULTS:
data/sachesi-2.0.4+ds/src/search/mainnet.cpp:284:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
homeNPC.sprintf("%03d%03d%d", carrier, country, carrier ? 30 : 60);
data/sachesi-2.0.4+ds/src/autoloaderwriter.h:51:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(QIODevice::WriteOnly);
data/sachesi-2.0.4+ds/src/autoloaderwriter.h:53:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cap.open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/blitzinfo.cpp:27:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!manifest.open(QIODevice::ReadOnly))
data/sachesi-2.0.4+ds/src/boot.cpp:104:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((unsigned char*)buffer.data()+8, (const unsigned char*)aData->constData(), aDataSize);
data/sachesi-2.0.4+ds/src/boot.cpp:142:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aHeader, (const unsigned char*)buffer.constData(), 8);
data/sachesi-2.0.4+ds/src/boot.cpp:144:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((unsigned char*)aData->data(), (const unsigned char*)buffer.constData() + 8, transferred - 8);
data/sachesi-2.0.4+ds/src/boot.cpp:309:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
info.open(QIODevice::WriteOnly);
data/sachesi-2.0.4+ds/src/boot.cpp:311:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bufferStream.open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/downloadinfo.h:244:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
_updateFile.open(QIODevice::WriteOnly | QIODevice::Append);
data/sachesi-2.0.4+ds/src/fs/fs.cpp:43:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
_file->open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/fs/fs.cpp:110:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!newFile.open(QIODevice::WriteOnly))
data/sachesi-2.0.4+ds/src/fs/qnx6.cpp:175:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
currentZip->open(QuaZip::mdCreate);
data/sachesi-2.0.4+ds/src/fs/qnx6.cpp:281:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
zipFile->open(QIODevice::WriteOnly, newInfo);
data/sachesi-2.0.4+ds/src/fs/qnx6.cpp:284:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
newFile->open(QIODevice::WriteOnly);
data/sachesi-2.0.4+ds/src/fs/rcfs.cpp:157:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
newFile.open(QFile::WriteOnly);
data/sachesi-2.0.4+ds/src/installer.cpp:47:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logFile->open(); // This will autoclose and autoremove by default when ~InstallNet
data/sachesi-2.0.4+ds/src/installer.cpp:120:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!manifest.open(QIODevice::ReadOnly))
data/sachesi-2.0.4+ds/src/installer.cpp:226:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
testZip.open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/installer.cpp:235:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
zip.open(QuaZip::mdUnzip);
data/sachesi-2.0.4+ds/src/installer.cpp:257:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/sachesi-2.0.4+ds/src/installer.cpp:262:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!writeFile.open(QIODevice::WriteOnly)) {
data/sachesi-2.0.4+ds/src/installer.cpp:448:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
currentBackupZip->open(QuaZip::mdCreate);
data/sachesi-2.0.4+ds/src/installer.cpp:461:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
manifest->open(QIODevice::WriteOnly, newInfo);
data/sachesi-2.0.4+ds/src/installer.cpp:546:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
currentBackupZip->open(QuaZip::mdUnzip);
data/sachesi-2.0.4+ds/src/installer.cpp:1081:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rtasData.open(QIODevice::WriteOnly | QIODevice::Text);
data/sachesi-2.0.4+ds/src/installer.cpp:1161:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
compressedFile->open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/installer.cpp:1234:41: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
compressedFile->open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/installer.cpp:1328:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
_zipFile->open(QIODevice::WriteOnly, newInfo);
data/sachesi-2.0.4+ds/src/installer.cpp:1415:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
_zipFile->open(QIODevice::WriteOnly, newInfo);
data/sachesi-2.0.4+ds/src/installer.cpp:1463:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
_zipFile->open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/installer.cpp:1585:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
installedTxt.open(QIODevice::WriteOnly | QIODevice::Text);
data/sachesi-2.0.4+ds/src/ports.cpp:169:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!displayFile.open(QIODevice::WriteOnly | QIODevice::Text))
data/sachesi-2.0.4+ds/src/search/mainnet.cpp:79:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
capFile.open(QIODevice::WriteOnly | QIODevice::Append);
data/sachesi-2.0.4+ds/src/splitter.cpp:90:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
autoloaderFile->open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/splitter.cpp:211:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmpFile.at(i)->open(QIODevice::WriteOnly);
data/sachesi-2.0.4+ds/src/splitter.cpp:236:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file->open(QIODevice::ReadOnly)) {
data/sachesi-2.0.4+ds/src/splitter.cpp:245:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
barFile.open(QuaZip::mdUnzip);
data/sachesi-2.0.4+ds/src/splitter.cpp:252:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
signedFile->open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/splitter.cpp:267:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outputSigned.open(QIODevice::WriteOnly);
data/sachesi-2.0.4+ds/src/splitter.cpp:292:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!imageFile->open(QIODevice::ReadOnly)) {
data/sachesi-2.0.4+ds/src/splitter.cpp:324:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer.open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/splitter.h:206:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
newFile->open(QIODevice::ReadOnly);
data/sachesi-2.0.4+ds/src/splitter.h:210:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
barFile.open(QuaZip::mdUnzip);
data/sachesi-2.0.4+ds/src/splitter.h:216:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!signedFile->open(QIODevice::ReadOnly)) {
data/sachesi-2.0.4+ds/src/autoloaderwriter.h:89:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int writeSize = write(file->read(FAST_BUFFER_LEN));
data/sachesi-2.0.4+ds/src/boot.cpp:320:101: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info.write(QByteArray("Hardware ID: 0x") + QByteArray::number(pin, 16) + " " + bufferStream.read(64).split('\0').first() + "\n");
data/sachesi-2.0.4+ds/src/boot.cpp:321:62: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info.write(QByteArray("Build User: ") + bufferStream.read(16).split('\0').first() + "\n");
data/sachesi-2.0.4+ds/src/boot.cpp:322:62: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info.write(QByteArray("Build Date: ") + bufferStream.read(16).split('\0').first() + "\n");
data/sachesi-2.0.4+ds/src/boot.cpp:323:62: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
info.write(QByteArray("Build Time: ") + bufferStream.read(16).split('\0').first() + "\n");
data/sachesi-2.0.4+ds/src/fs/fs.cpp:114:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int diff = newFile.write(_file->read(qMin(BUFFER_LEN, endSize - curSize)));
data/sachesi-2.0.4+ds/src/fs/fs.h:89:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void increaseCurSize(qint64 read) {
data/sachesi-2.0.4+ds/src/fs/fs.h:90:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read <= 0)
data/sachesi-2.0.4+ds/src/fs/fs.h:92:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
curSize += read;
data/sachesi-2.0.4+ds/src/fs/fs.h:93:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
emit sizeChanged(read);
data/sachesi-2.0.4+ds/src/fs/ifs.cpp:119:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (_file->read(4) != QByteArray::fromHex("EB7EFF00")) {
data/sachesi-2.0.4+ds/src/fs/ifs.cpp:123:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (_file->read(4) != QByteArray::fromHex("EB7EFF00")) {
data/sachesi-2.0.4+ds/src/fs/qnx6.cpp:28:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray tmp = _file->read(readlen);
data/sachesi-2.0.4+ds/src/fs/qnx6.cpp:89:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret.second = _file->read(count);
data/sachesi-2.0.4+ds/src/fs/qnx6.cpp:146:64: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
manifestDump.append(_file->read(len));
data/sachesi-2.0.4+ds/src/fs/qnx6.cpp:293:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray tmp = _file->read(len);
data/sachesi-2.0.4+ds/src/fs/rcfs.cpp:112:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_file->read(readData, size);
data/sachesi-2.0.4+ds/src/fs/rcfs.cpp:122:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray data = _file->read(qMin(BUFFER_LEN, i));
data/sachesi-2.0.4+ds/src/fs/rcfs.cpp:170:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_file->read(readData, size);
data/sachesi-2.0.4+ds/src/installer.cpp:227:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (testZip.read(2).toHex() != "504b") {
data/sachesi-2.0.4+ds/src/installer.cpp:260:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (file.read(2).toHex() == "504b") {
data/sachesi-2.0.4+ds/src/installer.cpp:269:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
writeFile.write(file.read(8192000));
data/sachesi-2.0.4+ds/src/splitter.cpp:97:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray tmp = autoloaderFile->read(BUFFER_LEN);
data/sachesi-2.0.4+ds/src/splitter.cpp:150:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (autoloaderFile->read(4) == QByteArray("pfcq",4)) {
data/sachesi-2.0.4+ds/src/splitter.cpp:216:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tmp = autoloaderFile->read(read_len);
data/sachesi-2.0.4+ds/src/splitter.cpp:272:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tmp = signedFile->read(read_len);
data/sachesi-2.0.4+ds/src/splitter.cpp:314:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (dev->read(4) != QByteArray("mfcq", 4)) {
data/sachesi-2.0.4+ds/src/splitter.cpp:322:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray partitionTable = dev->read(4000);
data/sachesi-2.0.4+ds/src/splitter.cpp:363:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (dev->read(4) == QByteArray("pfcq",4)) {
data/sachesi-2.0.4+ds/src/splitter.h:69:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray header = device->read(4);
data/sachesi-2.0.4+ds/src/splitter.h:256:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
emit progressChanged((int)(read / maxSize));
data/sachesi-2.0.4+ds/src/splitter.h:274:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
emit progressChanged((int)(read / maxSize));
data/sachesi-2.0.4+ds/src/splitter.h:283:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
quint64 read, maxSize;
ANALYSIS SUMMARY:
Hits = 78
Lines analyzed = 7582 in approximately 0.21 seconds (35873 lines/second)
Physical Source Lines of Code (SLOC) = 6009
Hits@level = [0] 0 [1] 33 [2] 44 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 78 [1+] 78 [2+] 45 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 12.9805 [1+] 12.9805 [2+] 7.48877 [3+] 0.166417 [4+] 0.166417 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.