Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/aqemu-0.9.2/src/About_Window.cpp
Examining data/aqemu-0.9.2/src/About_Window.h
Examining data/aqemu-0.9.2/src/Add_New_Device_Window.cpp
Examining data/aqemu-0.9.2/src/Add_New_Device_Window.h
Examining data/aqemu-0.9.2/src/Add_Port_Window.cpp
Examining data/aqemu-0.9.2/src/Add_Port_Window.h
Examining data/aqemu-0.9.2/src/Add_USB_Port_Window.cpp
Examining data/aqemu-0.9.2/src/Add_USB_Port_Window.h
Examining data/aqemu-0.9.2/src/Advanced_Settings_Window.cpp
Examining data/aqemu-0.9.2/src/Advanced_Settings_Window.h
Examining data/aqemu-0.9.2/src/Boot_Device_Window.cpp
Examining data/aqemu-0.9.2/src/Boot_Device_Window.h
Examining data/aqemu-0.9.2/src/Convert_HDD_Image_Window.cpp
Examining data/aqemu-0.9.2/src/Convert_HDD_Image_Window.h
Examining data/aqemu-0.9.2/src/Copy_VM_Window.cpp
Examining data/aqemu-0.9.2/src/Copy_VM_Window.h
Examining data/aqemu-0.9.2/src/Create_HDD_Image_Window.cpp
Examining data/aqemu-0.9.2/src/Create_HDD_Image_Window.h
Examining data/aqemu-0.9.2/src/Create_Template_Window.cpp
Examining data/aqemu-0.9.2/src/Create_Template_Window.h
Examining data/aqemu-0.9.2/src/Delete_VM_Files_Window.cpp
Examining data/aqemu-0.9.2/src/Delete_VM_Files_Window.h
Examining data/aqemu-0.9.2/src/Device_Manager_Widget.cpp
Examining data/aqemu-0.9.2/src/Device_Manager_Widget.h
Examining data/aqemu-0.9.2/src/Dialog_Button_Box.cpp
Examining data/aqemu-0.9.2/src/Dialog_Button_Box.h
Examining data/aqemu-0.9.2/src/Edit_Emulator_Version_Window.cpp
Examining data/aqemu-0.9.2/src/Edit_Emulator_Version_Window.h
Examining data/aqemu-0.9.2/src/Embedded_Display/Machine_View.cpp
Examining data/aqemu-0.9.2/src/Embedded_Display/Machine_View.h
Examining data/aqemu-0.9.2/src/Embedded_Display/remoteview.cpp
Examining data/aqemu-0.9.2/src/Embedded_Display/remoteview.h
Examining data/aqemu-0.9.2/src/Embedded_Display/vncclientthread.cpp
Examining data/aqemu-0.9.2/src/Embedded_Display/vncclientthread.h
Examining data/aqemu-0.9.2/src/Embedded_Display/vncview.cpp
Examining data/aqemu-0.9.2/src/Embedded_Display/vncview.h
Examining data/aqemu-0.9.2/src/Emulator_Control_Window.cpp
Examining data/aqemu-0.9.2/src/Emulator_Control_Window.h
Examining data/aqemu-0.9.2/src/Emulator_Options_Window.cpp
Examining data/aqemu-0.9.2/src/Emulator_Options_Window.h
Examining data/aqemu-0.9.2/src/Error_Log_Window.cpp
Examining data/aqemu-0.9.2/src/Error_Log_Window.h
Examining data/aqemu-0.9.2/src/First_Start_Wizard.cpp
Examining data/aqemu-0.9.2/src/First_Start_Wizard.h
Examining data/aqemu-0.9.2/src/Folder_Sharing_Widget.cpp
Examining data/aqemu-0.9.2/src/Folder_Sharing_Widget.h
Examining data/aqemu-0.9.2/src/HDD_Image_Info.cpp
Examining data/aqemu-0.9.2/src/HDD_Image_Info.h
Examining data/aqemu-0.9.2/src/IP_Edit.cpp
Examining data/aqemu-0.9.2/src/IP_Edit.h
Examining data/aqemu-0.9.2/src/Main_Window.cpp
Examining data/aqemu-0.9.2/src/Main_Window.h
Examining data/aqemu-0.9.2/src/Monitor_Window.cpp
Examining data/aqemu-0.9.2/src/Monitor_Window.h
Examining data/aqemu-0.9.2/src/Network_Widget.h
Examining data/aqemu-0.9.2/src/Ports_Tab_Widget.cpp
Examining data/aqemu-0.9.2/src/Ports_Tab_Widget.h
Examining data/aqemu-0.9.2/src/Properties_Window.cpp
Examining data/aqemu-0.9.2/src/Properties_Window.h
Examining data/aqemu-0.9.2/src/QDom.cpp
Examining data/aqemu-0.9.2/src/QDom.h
Examining data/aqemu-0.9.2/src/SMP_Settings_Window.cpp
Examining data/aqemu-0.9.2/src/SMP_Settings_Window.h
Examining data/aqemu-0.9.2/src/SPICE_Settings_Widget.cpp
Examining data/aqemu-0.9.2/src/SPICE_Settings_Widget.h
Examining data/aqemu-0.9.2/src/Select_Icon_Window.cpp
Examining data/aqemu-0.9.2/src/Select_Icon_Window.h
Examining data/aqemu-0.9.2/src/Settings_Widget.cpp
Examining data/aqemu-0.9.2/src/Settings_Widget.h
Examining data/aqemu-0.9.2/src/Snapshot_Properties_Window.cpp
Examining data/aqemu-0.9.2/src/Snapshot_Properties_Window.h
Examining data/aqemu-0.9.2/src/Snapshots_Window.cpp
Examining data/aqemu-0.9.2/src/Snapshots_Window.h
Examining data/aqemu-0.9.2/src/System_Info.cpp
Examining data/aqemu-0.9.2/src/System_Info.h
Examining data/aqemu-0.9.2/src/Utils.cpp
Examining data/aqemu-0.9.2/src/Utils.h
Examining data/aqemu-0.9.2/src/VM.h
Examining data/aqemu-0.9.2/src/VM_Wizard_Window.cpp
Examining data/aqemu-0.9.2/src/VM_Wizard_Window.h
Examining data/aqemu-0.9.2/src/VNC_Password_Window.cpp
Examining data/aqemu-0.9.2/src/VNC_Password_Window.h
Examining data/aqemu-0.9.2/src/docopt/docopt.cpp
Examining data/aqemu-0.9.2/src/docopt/docopt.h
Examining data/aqemu-0.9.2/src/docopt/docopt_private.h
Examining data/aqemu-0.9.2/src/docopt/docopt_util.h
Examining data/aqemu-0.9.2/src/docopt/docopt_value.h
Examining data/aqemu-0.9.2/src/main.cpp
Examining data/aqemu-0.9.2/src/tinyxml2.cpp
Examining data/aqemu-0.9.2/src/tinyxml2.h
Examining data/aqemu-0.9.2/src/Network_Widget.cpp
Examining data/aqemu-0.9.2/src/Old_Network_Widget.cpp
Examining data/aqemu-0.9.2/src/Old_Network_Widget.h
Examining data/aqemu-0.9.2/src/VM.cpp
Examining data/aqemu-0.9.2/src/VM_Devices.cpp
Examining data/aqemu-0.9.2/src/VM_Devices.h

FINAL RESULTS:

data/aqemu-0.9.2/src/Embedded_Display/vncclientthread.cpp:132:13:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  message.vsprintf(format, args);
data/aqemu-0.9.2/src/tinyxml2.cpp:63:25:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  #define TIXML_SNPRINTF _snprintf
data/aqemu-0.9.2/src/tinyxml2.cpp:65:23:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  #define TIXML_SSCANF sscanf
data/aqemu-0.9.2/src/tinyxml2.cpp:92:25:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  #define TIXML_SNPRINTF snprintf
data/aqemu-0.9.2/src/tinyxml2.cpp:93:26:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  #define TIXML_VSNPRINTF vsnprintf
data/aqemu-0.9.2/src/tinyxml2.cpp:96:13:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  int len = vsnprintf( 0, 0, format, va );
data/aqemu-0.9.2/src/tinyxml2.cpp:100:25:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  #define TIXML_SSCANF sscanf
data/aqemu-0.9.2/src/tinyxml2.cpp:2136:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf( _fp, format, va );
data/aqemu-0.9.2/src/About_Window.cpp:112:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! links_file.open(QIODevice::ReadOnly | QIODevice::Text) )
data/aqemu-0.9.2/src/Main_Window.cpp:4891:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! scriptFile.open(QIODevice::WriteOnly | QIODevice::Text) )
data/aqemu-0.9.2/src/System_Info.cpp:2283:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! sysfs_file.open(QIODevice::ReadOnly | QIODevice::Text) )
data/aqemu-0.9.2/src/System_Info.cpp:2313:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! proc_file.open(QIODevice::ReadOnly | QIODevice::Text) )
data/aqemu-0.9.2/src/System_Info.cpp:2517:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! proc_file.open(QIODevice::ReadOnly | QIODevice::Text) )
data/aqemu-0.9.2/src/System_Info.cpp:2754:2:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  TCHAR buf[ len ];
data/aqemu-0.9.2/src/System_Info.cpp:2788:2:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  TCHAR buf[ len ];
data/aqemu-0.9.2/src/Utils.cpp:217:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! log_file.open(QIODevice::Append | QIODevice::Text) )
data/aqemu-0.9.2/src/VM.cpp:3402:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! VM_XML_File.open(QFile::WriteOnly | QFile::Truncate) )
data/aqemu-0.9.2/src/VM.cpp:3432:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! VM_File.open(QFile::ReadOnly | QFile::Text) )
data/aqemu-0.9.2/src/VM_Devices.cpp:211:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! inFile.open(QIODevice::ReadOnly) )
data/aqemu-0.9.2/src/VM_Devices.cpp:1345:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if( ! outFile.open(QFile::WriteOnly | QFile::Truncate) )
data/aqemu-0.9.2/src/tinyxml2.cpp:185:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( _start, str, len+1 );
data/aqemu-0.9.2/src/tinyxml2.cpp:302:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[buflen] = { 0 };
data/aqemu-0.9.2/src/tinyxml2.cpp:314:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( q, buf, len );
data/aqemu-0.9.2/src/tinyxml2.cpp:1272:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char endTag[2] = { *p, 0 };
data/aqemu-0.9.2/src/tinyxml2.cpp:1339:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1347:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1355:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1362:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1369:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1439:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1447:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1455:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1463:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1471:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:1883:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE* fp = fopen( filepath, mode );
data/aqemu-0.9.2/src/tinyxml2.cpp:2023:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( _charBuffer, p, len );
data/aqemu-0.9.2/src/tinyxml2.cpp:2073:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf1[LEN] = { 0 };
data/aqemu-0.9.2/src/tinyxml2.cpp:2074:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf2[LEN] = { 0 };
data/aqemu-0.9.2/src/tinyxml2.cpp:2252:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:2260:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:2268:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:2276:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:2333:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:2341:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:2349:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:2357:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.cpp:2365:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUF_SIZE];
data/aqemu-0.9.2/src/tinyxml2.h:277:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( newMem, _mem, sizeof(T)*_size );	// warning: not using constructors, only works for PODs
data/aqemu-0.9.2/src/tinyxml2.h:409:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mem[SIZE];
data/aqemu-0.9.2/src/docopt/docopt.cpp:600:23:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  std::string longOpt, equal;
data/aqemu-0.9.2/src/docopt/docopt.cpp:602:20:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  std::tie(longOpt, equal, val) = partition(tokens.pop(), "=");
data/aqemu-0.9.2/src/docopt/docopt.cpp:606:6:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  if (equal.empty()) {
data/aqemu-0.9.2/src/docopt/docopt.cpp:635:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  int argcount = equal.empty() ? 0 : 1;
data/aqemu-0.9.2/src/docopt/docopt_util.h:21:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  return std::equal(prefix.begin(), prefix.end(),
data/aqemu-0.9.2/src/tinyxml2.cpp:182:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen( str );
data/aqemu-0.9.2/src/tinyxml2.cpp:197:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t length = strlen( endTag );
data/aqemu-0.9.2/src/tinyxml2.cpp:1006:18:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  if ( mismatch ) {
data/aqemu-0.9.2/src/tinyxml2.cpp:1945:10:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( fgetc( fp ) == EOF && ferror( fp ) != 0 ) {
data/aqemu-0.9.2/src/tinyxml2.cpp:1974:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( read != size ) {
data/aqemu-0.9.2/src/tinyxml2.cpp:2019:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( p );

ANALYSIS SUMMARY:

Hits = 60
Lines analyzed = 51660 in approximately 1.25 seconds (41301 lines/second)
Physical Source Lines of Code (SLOC) = 36544
Hits@level = [0]   3 [1]  11 [2]  41 [3]   0 [4]   8 [5]   0
Hits@level+ = [0+]  63 [1+]  60 [2+]  49 [3+]   8 [4+]   8 [5+]   0
Hits/KSLOC@level+ = [0+] 1.72395 [1+] 1.64186 [2+] 1.34085 [3+] 0.218914 [4+] 0.218914 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
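Triage note and added example. Flawfinder matches on identifier names, so some of the level-1 hits above are not calls to the library function at all: four of the five `equal` hits are on a local `std::string` named `equal` (only docopt_util.h:21 is a real `std::equal`), and the `mismatch` and `read` hits at tinyxml2.cpp:1006 and :1974 are on local variables. The eight level-4 hits are the ones worth reading first; they fall into two classes, a non-constant format string passed to a printf-family function (CWE-134) and `sscanf` with an unbounded `%s` (CWE-120). Whether either is reachable with attacker-controlled data is not something this report can tell you. The following is an added example, not code from aqemu or tinyxml2, that shows the hardened shape of each class and a small check a reviewer can use while triaging: the function and buffer names are assumptions for illustration, and the inputs are constructed.

```cpp
#include <cctype>
#include <cstdio>
#include <cstring>
#include <string>

// CWE-134: the flagged pattern passes caller text *as the format*
// (vsprintf(format, args), vfprintf(_fp, format, va)). Hardened form: the
// format is a literal and the untrusted text is an argument, so "%n", "%s"
// or "%x" inside it are copied as bytes, never interpreted as directives.
std::string format_as_data(const char* untrusted) {
    char buf[256];
    std::snprintf(buf, sizeof buf, "%s", untrusted);  // literal format, bounded
    return std::string(buf);
}

// Triage helper: how many conversion directives would printf honour if this
// string reached a printf-family call as the format? Any non-zero count on
// attacker-reachable text turns a [4] (format) hit into a real finding.
int format_directives_in(const char* s) {
    int count = 0;
    for (const char* p = s; *p; ++p) {
        if (*p != '%') continue;
        if (p[1] == '%') { ++p; continue; }  // "%%" is a literal percent sign
        ++count;
    }
    return count;
}

// CWE-120: sscanf("%s") writes as many bytes as the token has. Hardened form:
// a width one less than the destination (63 for a 64-byte buffer) so the
// terminator always fits, plus a trailing %c to detect silent truncation:
// if the byte after the 63 consumed ones is not whitespace, the token was
// longer than the buffer and is rejected instead of being quietly cut.
// Returns the token, or an empty string for no token / truncated token.
std::string scan_token_bounded(const char* input) {
    char out[64];
    char next = 0;
    int n = std::sscanf(input, "%63s%c", out, &next);
    if (n < 1) return std::string();                       // no token at all
    if (n == 2 && !std::isspace(static_cast<unsigned char>(next)))
        return std::string();                              // truncated: reject
    return std::string(out);
}

int main() {
    const char* hostile = "100%s done %n";  // constructed sample input
    std::printf("%s\n", format_as_data(hostile).c_str());
    std::printf("directives if used as format: %d\n", format_directives_in(hostile));
    std::string longtok(100, 'A');  // constructed: longer than the 64-byte buffer
    std::printf("over-long token accepted: %s\n",
                scan_token_bounded(longtok.c_str()).empty() ? "no" : "yes");
    return 0;
}
```

The `%c` probe is the part practitioners usually omit: a width-limited `%s` alone stops the overflow but hides the fact that input was discarded, which matters when the token is a path, a VM name or a password that is later compared or written out.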