Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libktorrent-2.2.0/examples/ktcli/ktcli.cpp
Examining data/libktorrent-2.2.0/examples/ktcli/ktcli.h
Examining data/libktorrent-2.2.0/examples/ktcli/main.cpp
Examining data/libktorrent-2.2.0/src/bcodec/bdecoder.cpp
Examining data/libktorrent-2.2.0/src/bcodec/bdecoder.h
Examining data/libktorrent-2.2.0/src/bcodec/bencoder.cpp
Examining data/libktorrent-2.2.0/src/bcodec/bencoder.h
Examining data/libktorrent-2.2.0/src/bcodec/bnode.cpp
Examining data/libktorrent-2.2.0/src/bcodec/bnode.h
Examining data/libktorrent-2.2.0/src/bcodec/value.cpp
Examining data/libktorrent-2.2.0/src/bcodec/value.h
Examining data/libktorrent-2.2.0/src/datachecker/datachecker.cpp
Examining data/libktorrent-2.2.0/src/datachecker/datachecker.h
Examining data/libktorrent-2.2.0/src/datachecker/datacheckerjob.cpp
Examining data/libktorrent-2.2.0/src/datachecker/datacheckerjob.h
Examining data/libktorrent-2.2.0/src/datachecker/datacheckerthread.cpp
Examining data/libktorrent-2.2.0/src/datachecker/datacheckerthread.h
Examining data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp
Examining data/libktorrent-2.2.0/src/datachecker/multidatachecker.h
Examining data/libktorrent-2.2.0/src/datachecker/singledatachecker.cpp
Examining data/libktorrent-2.2.0/src/datachecker/singledatachecker.h
Examining data/libktorrent-2.2.0/src/datachecker/tests/datacheckertest.cpp
Examining data/libktorrent-2.2.0/src/dht/announcereq.cpp
Examining data/libktorrent-2.2.0/src/dht/announcereq.h
Examining data/libktorrent-2.2.0/src/dht/announcersp.cpp
Examining data/libktorrent-2.2.0/src/dht/announcersp.h
Examining data/libktorrent-2.2.0/src/dht/announcetask.cpp
Examining data/libktorrent-2.2.0/src/dht/announcetask.h
Examining data/libktorrent-2.2.0/src/dht/database.cpp
Examining data/libktorrent-2.2.0/src/dht/database.h
Examining data/libktorrent-2.2.0/src/dht/dht.cpp
Examining data/libktorrent-2.2.0/src/dht/dht.h
Examining data/libktorrent-2.2.0/src/dht/dhtbase.cpp
Examining data/libktorrent-2.2.0/src/dht/dhtbase.h
Examining data/libktorrent-2.2.0/src/dht/dhtpeersource.cpp
Examining data/libktorrent-2.2.0/src/dht/dhtpeersource.h
Examining data/libktorrent-2.2.0/src/dht/errmsg.cpp
Examining data/libktorrent-2.2.0/src/dht/errmsg.h
Examining data/libktorrent-2.2.0/src/dht/findnodereq.cpp
Examining data/libktorrent-2.2.0/src/dht/findnodereq.h
Examining data/libktorrent-2.2.0/src/dht/findnodersp.cpp
Examining data/libktorrent-2.2.0/src/dht/findnodersp.h
Examining data/libktorrent-2.2.0/src/dht/getpeersreq.cpp
Examining data/libktorrent-2.2.0/src/dht/getpeersreq.h
Examining data/libktorrent-2.2.0/src/dht/getpeersrsp.cpp
Examining data/libktorrent-2.2.0/src/dht/getpeersrsp.h
Examining data/libktorrent-2.2.0/src/dht/kbucket.cpp
Examining data/libktorrent-2.2.0/src/dht/kbucket.h
Examining data/libktorrent-2.2.0/src/dht/kbucketentry.cpp
Examining data/libktorrent-2.2.0/src/dht/kbucketentry.h
Examining data/libktorrent-2.2.0/src/dht/kbuckettable.cpp
Examining data/libktorrent-2.2.0/src/dht/kbuckettable.h
Examining data/libktorrent-2.2.0/src/dht/kclosestnodessearch.cpp
Examining data/libktorrent-2.2.0/src/dht/kclosestnodessearch.h
Examining data/libktorrent-2.2.0/src/dht/key.cpp
Examining data/libktorrent-2.2.0/src/dht/key.h
Examining data/libktorrent-2.2.0/src/dht/node.cpp
Examining data/libktorrent-2.2.0/src/dht/node.h
Examining data/libktorrent-2.2.0/src/dht/nodelookup.cpp
Examining data/libktorrent-2.2.0/src/dht/nodelookup.h
Examining data/libktorrent-2.2.0/src/dht/pack.cpp
Examining data/libktorrent-2.2.0/src/dht/pack.h
Examining data/libktorrent-2.2.0/src/dht/packednodecontainer.cpp
Examining data/libktorrent-2.2.0/src/dht/packednodecontainer.h
Examining data/libktorrent-2.2.0/src/dht/pingreq.cpp
Examining data/libktorrent-2.2.0/src/dht/pingreq.h
Examining data/libktorrent-2.2.0/src/dht/pingrsp.cpp
Examining data/libktorrent-2.2.0/src/dht/pingrsp.h
Examining data/libktorrent-2.2.0/src/dht/rpccall.cpp
Examining data/libktorrent-2.2.0/src/dht/rpccall.h
Examining data/libktorrent-2.2.0/src/dht/rpcmsg.cpp
Examining data/libktorrent-2.2.0/src/dht/rpcmsg.h
Examining data/libktorrent-2.2.0/src/dht/rpcmsgfactory.cpp
Examining data/libktorrent-2.2.0/src/dht/rpcmsgfactory.h
Examining data/libktorrent-2.2.0/src/dht/rpcserver.cpp
Examining data/libktorrent-2.2.0/src/dht/rpcserver.h
Examining data/libktorrent-2.2.0/src/dht/rpcserverinterface.cpp
Examining data/libktorrent-2.2.0/src/dht/rpcserverinterface.h
Examining data/libktorrent-2.2.0/src/dht/task.cpp
Examining data/libktorrent-2.2.0/src/dht/task.h
Examining data/libktorrent-2.2.0/src/dht/taskmanager.cpp
Examining data/libktorrent-2.2.0/src/dht/taskmanager.h
Examining data/libktorrent-2.2.0/src/dht/tests/keytest.cpp
Examining data/libktorrent-2.2.0/src/dht/tests/rpcmsgtest.cpp
Examining data/libktorrent-2.2.0/src/diskio/cache.cpp
Examining data/libktorrent-2.2.0/src/diskio/cache.h
Examining data/libktorrent-2.2.0/src/diskio/cachefile.cpp
Examining data/libktorrent-2.2.0/src/diskio/cachefile.h
Examining data/libktorrent-2.2.0/src/diskio/chunk.cpp
Examining data/libktorrent-2.2.0/src/diskio/chunk.h
Examining data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp
Examining data/libktorrent-2.2.0/src/diskio/chunkmanager.h
Examining data/libktorrent-2.2.0/src/diskio/deletedatafilesjob.cpp
Examining data/libktorrent-2.2.0/src/diskio/deletedatafilesjob.h
Examining data/libktorrent-2.2.0/src/diskio/dndfile.cpp
Examining data/libktorrent-2.2.0/src/diskio/dndfile.h
Examining data/libktorrent-2.2.0/src/diskio/movedatafilesjob.cpp
Examining data/libktorrent-2.2.0/src/diskio/movedatafilesjob.h
Examining data/libktorrent-2.2.0/src/diskio/multifilecache.cpp
Examining data/libktorrent-2.2.0/src/diskio/multifilecache.h
Examining data/libktorrent-2.2.0/src/diskio/piecedata.cpp
Examining data/libktorrent-2.2.0/src/diskio/piecedata.h
Examining data/libktorrent-2.2.0/src/diskio/preallocationjob.cpp
Examining data/libktorrent-2.2.0/src/diskio/preallocationjob.h
Examining data/libktorrent-2.2.0/src/diskio/preallocationthread.cpp
Examining data/libktorrent-2.2.0/src/diskio/preallocationthread.h
Examining data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp
Examining data/libktorrent-2.2.0/src/diskio/singlefilecache.h
Examining data/libktorrent-2.2.0/src/diskio/tests/chunkmanagertest.cpp
Examining data/libktorrent-2.2.0/src/diskio/tests/preallocationtest.cpp
Examining data/libktorrent-2.2.0/src/download/chunkdownload.cpp
Examining data/libktorrent-2.2.0/src/download/chunkdownload.h
Examining data/libktorrent-2.2.0/src/download/chunkselector.cpp
Examining data/libktorrent-2.2.0/src/download/chunkselector.h
Examining data/libktorrent-2.2.0/src/download/downloader.cpp
Examining data/libktorrent-2.2.0/src/download/downloader.h
Examining data/libktorrent-2.2.0/src/download/httpconnection.cpp
Examining data/libktorrent-2.2.0/src/download/httpconnection.h
Examining data/libktorrent-2.2.0/src/download/httpresponseheader.cpp
Examining data/libktorrent-2.2.0/src/download/httpresponseheader.h
Examining data/libktorrent-2.2.0/src/download/packet.cpp
Examining data/libktorrent-2.2.0/src/download/packet.h
Examining data/libktorrent-2.2.0/src/download/piece.cpp
Examining data/libktorrent-2.2.0/src/download/piece.h
Examining data/libktorrent-2.2.0/src/download/request.cpp
Examining data/libktorrent-2.2.0/src/download/request.h
Examining data/libktorrent-2.2.0/src/download/streamingchunkselector.cpp
Examining data/libktorrent-2.2.0/src/download/streamingchunkselector.h
Examining data/libktorrent-2.2.0/src/download/tests/streamingchunkselectortest.cpp
Examining data/libktorrent-2.2.0/src/download/webseed.cpp
Examining data/libktorrent-2.2.0/src/download/webseed.h
Examining data/libktorrent-2.2.0/src/interfaces/blocklistinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/blocklistinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/cachefactory.cpp
Examining data/libktorrent-2.2.0/src/interfaces/cachefactory.h
Examining data/libktorrent-2.2.0/src/interfaces/chunkdownloadinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/chunkdownloadinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/chunkselectorinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/chunkselectorinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/exitoperation.cpp
Examining data/libktorrent-2.2.0/src/interfaces/exitoperation.h
Examining data/libktorrent-2.2.0/src/interfaces/logmonitorinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/logmonitorinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/monitorinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/monitorinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/peerinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/peerinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/peersource.cpp
Examining data/libktorrent-2.2.0/src/interfaces/peersource.h
Examining data/libktorrent-2.2.0/src/interfaces/piecedownloader.cpp
Examining data/libktorrent-2.2.0/src/interfaces/piecedownloader.h
Examining data/libktorrent-2.2.0/src/interfaces/queuemanagerinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/queuemanagerinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/serverinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/serverinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/torrentfileinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/torrentfileinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/torrentinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/torrentinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/trackerinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/trackerinterface.h
Examining data/libktorrent-2.2.0/src/interfaces/trackerslist.cpp
Examining data/libktorrent-2.2.0/src/interfaces/trackerslist.h
Examining data/libktorrent-2.2.0/src/interfaces/webseedinterface.cpp
Examining data/libktorrent-2.2.0/src/interfaces/webseedinterface.h
Examining data/libktorrent-2.2.0/src/magnet/magnetdownloader.cpp
Examining data/libktorrent-2.2.0/src/magnet/magnetdownloader.h
Examining data/libktorrent-2.2.0/src/magnet/magnetlink.cpp
Examining data/libktorrent-2.2.0/src/magnet/magnetlink.h
Examining data/libktorrent-2.2.0/src/magnet/metadatadownload.cpp
Examining data/libktorrent-2.2.0/src/magnet/metadatadownload.h
Examining data/libktorrent-2.2.0/src/magnet/tests/magnetlinktest.cpp
Examining data/libktorrent-2.2.0/src/migrate/cachemigrate.cpp
Examining data/libktorrent-2.2.0/src/migrate/cachemigrate.h
Examining data/libktorrent-2.2.0/src/migrate/ccmigrate.cpp
Examining data/libktorrent-2.2.0/src/migrate/ccmigrate.h
Examining data/libktorrent-2.2.0/src/migrate/migrate.cpp
Examining data/libktorrent-2.2.0/src/migrate/migrate.h
Examining data/libktorrent-2.2.0/src/mse/bigint.cpp
Examining data/libktorrent-2.2.0/src/mse/bigint.h
Examining data/libktorrent-2.2.0/src/mse/encryptedauthenticate.cpp
Examining data/libktorrent-2.2.0/src/mse/encryptedauthenticate.h
Examining data/libktorrent-2.2.0/src/mse/encryptedpacketsocket.cpp
Examining data/libktorrent-2.2.0/src/mse/encryptedpacketsocket.h
Examining data/libktorrent-2.2.0/src/mse/encryptedserverauthenticate.cpp
Examining data/libktorrent-2.2.0/src/mse/encryptedserverauthenticate.h
Examining data/libktorrent-2.2.0/src/mse/functions.cpp
Examining data/libktorrent-2.2.0/src/mse/functions.h
Examining data/libktorrent-2.2.0/src/mse/rc4encryptor.cpp
Examining data/libktorrent-2.2.0/src/mse/rc4encryptor.h
Examining data/libktorrent-2.2.0/src/mse/tests/rc4encryptortest.cpp
Examining data/libktorrent-2.2.0/src/net/address.cpp
Examining data/libktorrent-2.2.0/src/net/address.h
Examining data/libktorrent-2.2.0/src/net/addressresolver.cpp
Examining data/libktorrent-2.2.0/src/net/addressresolver.h
Examining data/libktorrent-2.2.0/src/net/downloadthread.cpp
Examining data/libktorrent-2.2.0/src/net/downloadthread.h
Examining data/libktorrent-2.2.0/src/net/networkthread.cpp
Examining data/libktorrent-2.2.0/src/net/networkthread.h
Examining data/libktorrent-2.2.0/src/net/packetsocket.cpp
Examining data/libktorrent-2.2.0/src/net/packetsocket.h
Examining data/libktorrent-2.2.0/src/net/poll.cpp
Examining data/libktorrent-2.2.0/src/net/poll.h
Examining data/libktorrent-2.2.0/src/net/portlist.cpp
Examining data/libktorrent-2.2.0/src/net/portlist.h
Examining data/libktorrent-2.2.0/src/net/reverseresolver.cpp
Examining data/libktorrent-2.2.0/src/net/reverseresolver.h
Examining data/libktorrent-2.2.0/src/net/serversocket.cpp
Examining data/libktorrent-2.2.0/src/net/serversocket.h
Examining data/libktorrent-2.2.0/src/net/socket.cpp
Examining data/libktorrent-2.2.0/src/net/socket.h
Examining data/libktorrent-2.2.0/src/net/socketdevice.cpp
Examining data/libktorrent-2.2.0/src/net/socketdevice.h
Examining data/libktorrent-2.2.0/src/net/socketgroup.cpp
Examining data/libktorrent-2.2.0/src/net/socketgroup.h
Examining data/libktorrent-2.2.0/src/net/socketmonitor.cpp
Examining data/libktorrent-2.2.0/src/net/socketmonitor.h
Examining data/libktorrent-2.2.0/src/net/socks.cpp
Examining data/libktorrent-2.2.0/src/net/socks.h
Examining data/libktorrent-2.2.0/src/net/speed.cpp
Examining data/libktorrent-2.2.0/src/net/speed.h
Examining data/libktorrent-2.2.0/src/net/streamsocket.cpp
Examining data/libktorrent-2.2.0/src/net/streamsocket.h
Examining data/libktorrent-2.2.0/src/net/tests/polltest.cpp
Examining data/libktorrent-2.2.0/src/net/tests/wakeuppipetest.cpp
Examining data/libktorrent-2.2.0/src/net/trafficshapedsocket.cpp
Examining data/libktorrent-2.2.0/src/net/trafficshapedsocket.h
Examining data/libktorrent-2.2.0/src/net/uploadthread.cpp
Examining data/libktorrent-2.2.0/src/net/uploadthread.h
Examining data/libktorrent-2.2.0/src/net/wakeuppipe.cpp
Examining data/libktorrent-2.2.0/src/net/wakeuppipe.h
Examining data/libktorrent-2.2.0/src/peer/accessmanager.cpp
Examining data/libktorrent-2.2.0/src/peer/accessmanager.h
Examining data/libktorrent-2.2.0/src/peer/authenticate.cpp
Examining data/libktorrent-2.2.0/src/peer/authenticate.h
Examining data/libktorrent-2.2.0/src/peer/authenticatebase.cpp
Examining data/libktorrent-2.2.0/src/peer/authenticatebase.h
Examining data/libktorrent-2.2.0/src/peer/authenticationmonitor.cpp
Examining data/libktorrent-2.2.0/src/peer/authenticationmonitor.h
Examining data/libktorrent-2.2.0/src/peer/badpeerslist.cpp
Examining data/libktorrent-2.2.0/src/peer/badpeerslist.h
Examining data/libktorrent-2.2.0/src/peer/chunkcounter.cpp
Examining data/libktorrent-2.2.0/src/peer/chunkcounter.h
Examining data/libktorrent-2.2.0/src/peer/connectionlimit.cpp
Examining data/libktorrent-2.2.0/src/peer/connectionlimit.h
Examining data/libktorrent-2.2.0/src/peer/packetreader.cpp
Examining data/libktorrent-2.2.0/src/peer/packetreader.h
Examining data/libktorrent-2.2.0/src/peer/peer.cpp
Examining data/libktorrent-2.2.0/src/peer/peer.h
Examining data/libktorrent-2.2.0/src/peer/peerconnector.cpp
Examining data/libktorrent-2.2.0/src/peer/peerconnector.h
Examining data/libktorrent-2.2.0/src/peer/peerdownloader.cpp
Examining data/libktorrent-2.2.0/src/peer/peerdownloader.h
Examining data/libktorrent-2.2.0/src/peer/peerid.cpp
Examining data/libktorrent-2.2.0/src/peer/peerid.h
Examining data/libktorrent-2.2.0/src/peer/peermanager.cpp
Examining data/libktorrent-2.2.0/src/peer/peermanager.h
Examining data/libktorrent-2.2.0/src/peer/peerprotocolextension.cpp
Examining data/libktorrent-2.2.0/src/peer/peerprotocolextension.h
Examining data/libktorrent-2.2.0/src/peer/peeruploader.cpp
Examining data/libktorrent-2.2.0/src/peer/peeruploader.h
Examining data/libktorrent-2.2.0/src/peer/serverauthenticate.cpp
Examining data/libktorrent-2.2.0/src/peer/serverauthenticate.h
Examining data/libktorrent-2.2.0/src/peer/superseeder.cpp
Examining data/libktorrent-2.2.0/src/peer/superseeder.h
Examining data/libktorrent-2.2.0/src/peer/tests/accessmanagertest.cpp
Examining data/libktorrent-2.2.0/src/peer/tests/connectionlimittest.cpp
Examining data/libktorrent-2.2.0/src/peer/tests/packetreadertest.cpp
Examining data/libktorrent-2.2.0/src/peer/tests/superseedtest.cpp
Examining data/libktorrent-2.2.0/src/peer/utmetadata.cpp
Examining data/libktorrent-2.2.0/src/peer/utmetadata.h
Examining data/libktorrent-2.2.0/src/peer/utpex.cpp
Examining data/libktorrent-2.2.0/src/peer/utpex.h
Examining data/libktorrent-2.2.0/src/torrent/advancedchokealgorithm.cpp
Examining data/libktorrent-2.2.0/src/torrent/advancedchokealgorithm.h
Examining data/libktorrent-2.2.0/src/torrent/choker.cpp
Examining data/libktorrent-2.2.0/src/torrent/choker.h
Examining data/libktorrent-2.2.0/src/torrent/globals.cpp
Examining data/libktorrent-2.2.0/src/torrent/globals.h
Examining data/libktorrent-2.2.0/src/torrent/job.cpp
Examining data/libktorrent-2.2.0/src/torrent/job.h
Examining data/libktorrent-2.2.0/src/torrent/jobqueue.cpp
Examining data/libktorrent-2.2.0/src/torrent/jobqueue.h
Examining data/libktorrent-2.2.0/src/torrent/peersourcemanager.cpp
Examining data/libktorrent-2.2.0/src/torrent/peersourcemanager.h
Examining data/libktorrent-2.2.0/src/torrent/server.cpp
Examining data/libktorrent-2.2.0/src/torrent/server.h
Examining data/libktorrent-2.2.0/src/torrent/statsfile.cpp
Examining data/libktorrent-2.2.0/src/torrent/statsfile.h
Examining data/libktorrent-2.2.0/src/torrent/tests/statsfiletest.cpp
Examining data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp
Examining data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp
Examining data/libktorrent-2.2.0/src/torrent/timeestimator.cpp
Examining data/libktorrent-2.2.0/src/torrent/timeestimator.h
Examining data/libktorrent-2.2.0/src/torrent/torrent.cpp
Examining data/libktorrent-2.2.0/src/torrent/torrent.h
Examining data/libktorrent-2.2.0/src/torrent/torrentcontrol.cpp
Examining data/libktorrent-2.2.0/src/torrent/torrentcontrol.h
Examining data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp
Examining data/libktorrent-2.2.0/src/torrent/torrentcreator.h
Examining data/libktorrent-2.2.0/src/torrent/torrentfile.cpp
Examining data/libktorrent-2.2.0/src/torrent/torrentfile.h
Examining data/libktorrent-2.2.0/src/torrent/torrentfilestream.cpp
Examining data/libktorrent-2.2.0/src/torrent/torrentfilestream.h
Examining data/libktorrent-2.2.0/src/torrent/torrentstats.cpp
Examining data/libktorrent-2.2.0/src/torrent/torrentstats.h
Examining data/libktorrent-2.2.0/src/torrent/uploader.cpp
Examining data/libktorrent-2.2.0/src/torrent/uploader.h
Examining data/libktorrent-2.2.0/src/tracker/httpannouncejob.cpp
Examining data/libktorrent-2.2.0/src/tracker/httpannouncejob.h
Examining data/libktorrent-2.2.0/src/tracker/httptracker.cpp
Examining data/libktorrent-2.2.0/src/tracker/httptracker.h
Examining data/libktorrent-2.2.0/src/tracker/kioannouncejob.cpp
Examining data/libktorrent-2.2.0/src/tracker/kioannouncejob.h
Examining data/libktorrent-2.2.0/src/tracker/tracker.cpp
Examining data/libktorrent-2.2.0/src/tracker/tracker.h
Examining data/libktorrent-2.2.0/src/tracker/trackermanager.cpp
Examining data/libktorrent-2.2.0/src/tracker/trackermanager.h
Examining data/libktorrent-2.2.0/src/tracker/udptracker.cpp
Examining data/libktorrent-2.2.0/src/tracker/udptracker.h
Examining data/libktorrent-2.2.0/src/tracker/udptrackersocket.cpp
Examining data/libktorrent-2.2.0/src/tracker/udptrackersocket.h
Examining data/libktorrent-2.2.0/src/upnp/httprequest.cpp
Examining data/libktorrent-2.2.0/src/upnp/httprequest.h
Examining data/libktorrent-2.2.0/src/upnp/soap.cpp
Examining data/libktorrent-2.2.0/src/upnp/soap.h
Examining data/libktorrent-2.2.0/src/upnp/upnpdescriptionparser.cpp
Examining data/libktorrent-2.2.0/src/upnp/upnpdescriptionparser.h
Examining data/libktorrent-2.2.0/src/upnp/upnpmcastsocket.cpp
Examining data/libktorrent-2.2.0/src/upnp/upnpmcastsocket.h
Examining data/libktorrent-2.2.0/src/upnp/upnprouter.cpp
Examining data/libktorrent-2.2.0/src/upnp/upnprouter.h
Examining data/libktorrent-2.2.0/src/util/array.cpp
Examining data/libktorrent-2.2.0/src/util/array.h
Examining data/libktorrent-2.2.0/src/util/autorotatelogjob.cpp
Examining data/libktorrent-2.2.0/src/util/autorotatelogjob.h
Examining data/libktorrent-2.2.0/src/util/bitset.cpp
Examining data/libktorrent-2.2.0/src/util/bitset.h
Examining data/libktorrent-2.2.0/src/util/bufferpool.cpp
Examining data/libktorrent-2.2.0/src/util/bufferpool.h
Examining data/libktorrent-2.2.0/src/util/circularbuffer.cpp
Examining data/libktorrent-2.2.0/src/util/circularbuffer.h
Examining data/libktorrent-2.2.0/src/util/compressfilejob.cpp
Examining data/libktorrent-2.2.0/src/util/compressfilejob.h
Examining data/libktorrent-2.2.0/src/util/constants.h
Examining data/libktorrent-2.2.0/src/util/decompressfilejob.cpp
Examining data/libktorrent-2.2.0/src/util/decompressfilejob.h
Examining data/libktorrent-2.2.0/src/util/error.cpp
Examining data/libktorrent-2.2.0/src/util/error.h
Examining data/libktorrent-2.2.0/src/util/extractfilejob.cpp
Examining data/libktorrent-2.2.0/src/util/extractfilejob.h
Examining data/libktorrent-2.2.0/src/util/file.cpp
Examining data/libktorrent-2.2.0/src/util/file.h
Examining data/libktorrent-2.2.0/src/util/fileops.h
Examining data/libktorrent-2.2.0/src/util/functions.cpp
Examining data/libktorrent-2.2.0/src/util/functions.h
Examining data/libktorrent-2.2.0/src/util/log.cpp
Examining data/libktorrent-2.2.0/src/util/log.h
Examining data/libktorrent-2.2.0/src/util/logsystemmanager.cpp
Examining data/libktorrent-2.2.0/src/util/logsystemmanager.h
Examining data/libktorrent-2.2.0/src/util/pipe.cpp
Examining data/libktorrent-2.2.0/src/util/pipe.h
Examining data/libktorrent-2.2.0/src/util/ptrmap.cpp
Examining data/libktorrent-2.2.0/src/util/ptrmap.h
Examining data/libktorrent-2.2.0/src/util/resourcemanager.cpp
Examining data/libktorrent-2.2.0/src/util/resourcemanager.h
Examining data/libktorrent-2.2.0/src/util/sha1hash.cpp
Examining data/libktorrent-2.2.0/src/util/sha1hash.h
Examining data/libktorrent-2.2.0/src/util/sha1hashgen.cpp
Examining data/libktorrent-2.2.0/src/util/sha1hashgen.h
Examining data/libktorrent-2.2.0/src/util/signalcatcher.cpp
Examining data/libktorrent-2.2.0/src/util/signalcatcher.h
Examining data/libktorrent-2.2.0/src/util/tests/bufferpooltest.cpp
Examining data/libktorrent-2.2.0/src/util/tests/circularbuffertest.cpp
Examining data/libktorrent-2.2.0/src/util/tests/fileopstest.cpp
Examining data/libktorrent-2.2.0/src/util/tests/resourcemanagertest.cpp
Examining data/libktorrent-2.2.0/src/util/tests/signalcatchertest.cpp
Examining data/libktorrent-2.2.0/src/util/timer.cpp
Examining data/libktorrent-2.2.0/src/util/timer.h
Examining data/libktorrent-2.2.0/src/util/urlencoder.cpp
Examining data/libktorrent-2.2.0/src/util/urlencoder.h
Examining data/libktorrent-2.2.0/src/util/waitjob.cpp
Examining data/libktorrent-2.2.0/src/util/waitjob.h
Examining data/libktorrent-2.2.0/src/util/win32.cpp
Examining data/libktorrent-2.2.0/src/util/win32.h
Examining data/libktorrent-2.2.0/src/util/fileops.cpp
Examining data/libktorrent-2.2.0/src/utp/connection.cpp
Examining data/libktorrent-2.2.0/src/utp/connection.h
Examining data/libktorrent-2.2.0/src/utp/delaywindow.cpp
Examining data/libktorrent-2.2.0/src/utp/delaywindow.h
Examining data/libktorrent-2.2.0/src/utp/localwindow.cpp
Examining data/libktorrent-2.2.0/src/utp/localwindow.h
Examining data/libktorrent-2.2.0/src/utp/outputqueue.cpp
Examining data/libktorrent-2.2.0/src/utp/outputqueue.h
Examining data/libktorrent-2.2.0/src/utp/packetbuffer.cpp
Examining data/libktorrent-2.2.0/src/utp/packetbuffer.h
Examining data/libktorrent-2.2.0/src/utp/pollpipe.cpp
Examining data/libktorrent-2.2.0/src/utp/pollpipe.h
Examining data/libktorrent-2.2.0/src/utp/remotewindow.cpp
Examining data/libktorrent-2.2.0/src/utp/remotewindow.h
Examining data/libktorrent-2.2.0/src/utp/tests/congestiontest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/connectiontest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/connecttest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/delaywindowtest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/fintest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/localwindowtest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/packetbuffertest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/packetlosstest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/remotewindowtest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/sockettest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/timevaluetest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/transmittest.cpp
Examining data/libktorrent-2.2.0/src/utp/tests/utppolltest.cpp
Examining data/libktorrent-2.2.0/src/utp/timevalue.cpp
Examining data/libktorrent-2.2.0/src/utp/timevalue.h
Examining data/libktorrent-2.2.0/src/utp/utpprotocol.cpp
Examining data/libktorrent-2.2.0/src/utp/utpprotocol.h
Examining data/libktorrent-2.2.0/src/utp/utpserver.cpp
Examining data/libktorrent-2.2.0/src/utp/utpserver.h
Examining data/libktorrent-2.2.0/src/utp/utpserver_p.h
Examining data/libktorrent-2.2.0/src/utp/utpserverthread.cpp
Examining data/libktorrent-2.2.0/src/utp/utpserverthread.h
Examining data/libktorrent-2.2.0/src/utp/utpsocket.cpp
Examining data/libktorrent-2.2.0/src/utp/utpsocket.h
Examining data/libktorrent-2.2.0/src/version.cpp
Examining data/libktorrent-2.2.0/src/version.h
Examining data/libktorrent-2.2.0/testlib/dummytorrentcreator.cpp
Examining data/libktorrent-2.2.0/testlib/dummytorrentcreator.h
Examining data/libktorrent-2.2.0/testlib/utils.cpp
Examining data/libktorrent-2.2.0/testlib/utils.h
FINAL RESULTS:
data/libktorrent-2.2.0/src/util/sha1hash.cpp:83:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp,41,fmt,
data/libktorrent-2.2.0/src/dht/key.cpp:148:11: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Key Key::random()
data/libktorrent-2.2.0/src/dht/key.cpp:150:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/libktorrent-2.2.0/src/dht/key.h:72:14: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
static Key random();
data/libktorrent-2.2.0/src/dht/node.cpp:76:28: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
dht::Key r = dht::Key::random();
data/libktorrent-2.2.0/src/dht/node.cpp:85:28: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
dht::Key r = dht::Key::random();
data/libktorrent-2.2.0/src/mse/bigint.cpp:68:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
BigInt BigInt::random()
data/libktorrent-2.2.0/src/mse/bigint.cpp:74:4: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(now);
data/libktorrent-2.2.0/src/mse/bigint.h:84:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
static BigInt random();
data/libktorrent-2.2.0/src/mse/functions.cpp:41:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
priv = BigInt::random();
data/libktorrent-2.2.0/src/peer/peerid.cpp:53:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/libktorrent-2.2.0/src/torrent/advancedchokealgorithm.cpp:199:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Uint32 start = KRandom::random() % num_peers;
data/libktorrent-2.2.0/src/tracker/tracker.cpp:46:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:122:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File::Ptr fptr = open(tor,tflist.first());
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:181:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File::Ptr fptr = open(tor,tflist.at(i));
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:199:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File::Ptr MultiDataChecker::open(const bt::Torrent& tor, Uint32 idx)
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:207:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr->open(tf.getPathOnDisk(), "rb"))
data/libktorrent-2.2.0/src/datachecker/multidatachecker.h:43:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File::Ptr open(const Torrent & tor,Uint32 idx);
data/libktorrent-2.2.0/src/datachecker/singledatachecker.cpp:47:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(path,"rb"))
data/libktorrent-2.2.0/src/dht/database.cpp:71:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, addr.toIPv6Address().c, 16);
data/libktorrent-2.2.0/src/dht/database.cpp:153:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tdata, addr.toIPv6Address().c, 16);
data/libktorrent-2.2.0/src/dht/database.cpp:193:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tdata, addr.toIPv6Address().c, 16);
data/libktorrent-2.2.0/src/dht/getpeersrsp.cpp:137:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ip.c, d.data(), 16);
data/libktorrent-2.2.0/src/dht/kbucket.cpp:319:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, e.getAddress().toIPv6Address().c, 16);
data/libktorrent-2.2.0/src/dht/kbucket.cpp:354:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ip.c, addr.data(), 16);
data/libktorrent-2.2.0/src/dht/kbuckettable.cpp:149:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/dht/kbuckettable.cpp:184:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(file, "wb"))
data/libktorrent-2.2.0/src/dht/node.cpp:60:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(key_file, "wb"))
data/libktorrent-2.2.0/src/dht/node.cpp:73:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(key_file, "rb"))
data/libktorrent-2.2.0/src/dht/pack.cpp:43:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr,e.getID().getData(),20);
data/libktorrent-2.2.0/src/dht/pack.cpp:54:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr,e.getID().getData(),20);
data/libktorrent-2.2.0/src/dht/pack.cpp:55:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr + 20,addr.toIPv6Address().c,16);
data/libktorrent-2.2.0/src/dht/pack.cpp:74:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key,ptr,20);
data/libktorrent-2.2.0/src/dht/pack.cpp:89:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key,ptr,20);
data/libktorrent-2.2.0/src/diskio/cache.cpp:169:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/diskio/cache.cpp:183:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/diskio/cache.h:141:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open() = 0;
data/libktorrent-2.2.0/src/diskio/cachefile.cpp:82:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(ok = fptr->open(QIODevice::ReadWrite)))
data/libktorrent-2.2.0/src/diskio/cachefile.cpp:85:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (mode == READ && (ok = fptr->open(QIODevice::ReadOnly)))
data/libktorrent-2.2.0/src/diskio/cachefile.cpp:99:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void CacheFile::open(const QString & path,Uint64 size)
data/libktorrent-2.2.0/src/diskio/cachefile.h:73:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const QString & path,Uint64 size);
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:154:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fptr.open(d->index_file, "wb");
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:195:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
d->cache->open();
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:437:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file_priority_file, "wb"))
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:478:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file_priority_file, "rb"))
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:936:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(index_file, "wb"))
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:955:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(index_file, "r+b"))
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:961:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(index_file, "r+b"))
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:979:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(index_file, "rb"))
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:1017:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file_info_file, "wb"))
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:1048:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file_info_file, "rb"))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:59:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(path, "rb"))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:88:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(path, "wb"))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:100:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(path, "rb"))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:116:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(path, "rb"))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:132:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(path, "r+b"))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:135:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(path, "r+b"))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:150:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(path, "r+b"))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:153:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(path, "r+b"))
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:90:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:117:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:151:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void MultiFileCache::open()
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:168:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd->open(tf.getPathOnDisk(), tf.getSize());
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:400:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:480:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:572:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:689:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd->open(tf->getPathOnDisk(), tf->getSize());
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:705:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(src_file, "rb"))
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:744:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(output_file, "r+b"))
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:900:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cf->open(tf.getPathOnDisk(), tf.getSize());
data/libktorrent-2.2.0/src/diskio/multifilecache.h:51:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open() override;
data/libktorrent-2.2.0/src/diskio/piecedata.cpp:74:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr + off, buf, buf_size);
data/libktorrent-2.2.0/src/diskio/piecedata.cpp:87:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, ptr + off, to_read);
data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp:73:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp:84:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp:134:4: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp:195:4: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp:246:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void SingleFileCache::open()
data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp:252:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp->open(output_file, tor.getTotalSize());
data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp:259:4: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp:284:4: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/libktorrent-2.2.0/src/diskio/singlefilecache.h:47:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open() override;
data/libktorrent-2.2.0/src/diskio/tests/chunkmanagertest.cpp:95:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
QVERIFY(memcpy(tmp,ptr->data(),20));
data/libktorrent-2.2.0/src/diskio/tests/preallocationtest.cpp:97:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cache.open();
data/libktorrent-2.2.0/src/diskio/tests/preallocationtest.cpp:122:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cache.open();
data/libktorrent-2.2.0/src/download/downloader.cpp:558:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file,"wb"))
data/libktorrent-2.2.0/src/download/downloader.cpp:595:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file,"rb"))
data/libktorrent-2.2.0/src/download/downloader.cpp:662:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file,"rb"))
data/libktorrent-2.2.0/src/download/downloader.cpp:877:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/download/downloader.cpp:900:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/download/packet.cpp:63:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data+5,bs.getData(),bs.getNumBytes());
data/libktorrent-2.2.0/src/download/packet.cpp:86:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + 6,ext_data.data(),ext_data.size());
data/libktorrent-2.2.0/src/interfaces/serverinterface.cpp:85:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,"req2",4);
data/libktorrent-2.2.0/src/interfaces/serverinterface.cpp:90:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+4,pm->getTorrent().getInfoHash().getData(),20);
data/libktorrent-2.2.0/src/magnet/metadatadownload.cpp:79:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(metadata.data() + off,piece_data.data(),size);
data/libktorrent-2.2.0/src/migrate/ccmigrate.cpp:39:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(current_chunks,"rb"))
data/libktorrent-2.2.0/src/mse/encryptedauthenticate.cpp:108:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_buf,"req1",4);
data/libktorrent-2.2.0/src/mse/encryptedauthenticate.cpp:114:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_buf,"req2",4);
data/libktorrent-2.2.0/src/mse/encryptedauthenticate.cpp:115:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_buf+4,info_hash.getData(),20);
data/libktorrent-2.2.0/src/mse/encryptedauthenticate.cpp:118:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_buf,"req3",4);
data/libktorrent-2.2.0/src/mse/encryptedauthenticate.cpp:152:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vc,rc4.encrypt(vc,8),8);
data/libktorrent-2.2.0/src/mse/encryptedpacketsocket.cpp:156:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,reinserted_data + reinserted_data_read,tr);
data/libktorrent-2.2.0/src/mse/encryptedpacketsocket.cpp:167:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,reinserted_data + reinserted_data_read,tr);
data/libktorrent-2.2.0/src/mse/encryptedpacketsocket.cpp:272:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reinserted_data + off,d,size);
data/libktorrent-2.2.0/src/mse/encryptedserverauthenticate.cpp:83:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp,"req1",4);
data/libktorrent-2.2.0/src/mse/encryptedserverauthenticate.cpp:112:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp,"req3",4);
data/libktorrent-2.2.0/src/mse/functions.cpp:53:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,"key",3);
data/libktorrent-2.2.0/src/mse/functions.cpp:56:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 100,skey.getData(),20);
data/libktorrent-2.2.0/src/mse/tests/rc4encryptortest.cpp:68:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp,data,1024);
data/libktorrent-2.2.0/src/net/address.cpp:100:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin6_addr, toIPv6Address().c, 16);
data/libktorrent-2.2.0/src/net/reverseresolver.cpp:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[200];
data/libktorrent-2.2.0/src/net/reverseresolver.cpp:62:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char service[200];
data/libktorrent-2.2.0/src/net/socks.cpp:207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user_id[100];
data/libktorrent-2.2.0/src/net/socks.cpp:295:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req.ip,&ip,4);
data/libktorrent-2.2.0/src/net/socks.cpp:296:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(req.user_id,"KTorrent");
data/libktorrent-2.2.0/src/net/socks.cpp:345:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + off,user.constData(),user.size());
data/libktorrent-2.2.0/src/net/socks.cpp:348:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + off,pwd.constData(),pwd.size());
data/libktorrent-2.2.0/src/net/socks.cpp:386:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req.ipv4.ip,&ip,4);
data/libktorrent-2.2.0/src/net/socks.cpp:394:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req.ipv6.ip,ip.c,16);
data/libktorrent-2.2.0/src/peer/authenticate.cpp:189:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[21];
data/libktorrent-2.2.0/src/peer/authenticate.cpp:191:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp,hs+48,20);
data/libktorrent-2.2.0/src/peer/authenticatebase.cpp:71:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hs+1,pstr,19);
data/libktorrent-2.2.0/src/peer/authenticatebase.cpp:77:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hs+28,info_hash.getData(),20);
data/libktorrent-2.2.0/src/peer/authenticatebase.cpp:78:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hs+48,our_peer_id.data(),20);
data/libktorrent-2.2.0/src/peer/packetreader.cpp:82:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(len + len_received, buf, size);
data/libktorrent-2.2.0/src/peer/packetreader.cpp:88:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(len + len_received, buf, 4 - len_received);
data/libktorrent-2.2.0/src/peer/packetreader.cpp:97:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(len, buf, size);
data/libktorrent-2.2.0/src/peer/packetreader.cpp:132:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pck->data.data() + pck->read, buf, tr);
data/libktorrent-2.2.0/src/peer/packetreader.cpp:140:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pck->data.data() + pck->read, buf, tr);
data/libktorrent-2.2.0/src/peer/peerid.cpp:54:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id, bt::PeerIDPrefix().toLatin1().constData(), 8);
data/libktorrent-2.2.0/src/peer/peerid.cpp:63:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id,pid,20);
data/libktorrent-2.2.0/src/peer/peerid.cpp:71:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id,pid.id,20);
data/libktorrent-2.2.0/src/peer/peerid.cpp:82:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id,pid.id,20);
data/libktorrent-2.2.0/src/peer/peerid.h:34:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[20];
data/libktorrent-2.2.0/src/peer/peermanager.cpp:271:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/peer/peermanager.cpp:303:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!fptr.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/peer/serverauthenticate.cpp:84:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[21];
data/libktorrent-2.2.0/src/peer/serverauthenticate.cpp:86:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp,hs+48,20);
data/libktorrent-2.2.0/src/peer/tests/packetreadertest.cpp:43:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(received_packet.data(), packet, size);
data/libktorrent-2.2.0/src/peer/utpex.cpp:165:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + size,&ip,4);
data/libktorrent-2.2.0/src/torrent/tests/statsfiletest.cpp:65:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(file.open());
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:101:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(!stream->open(QIODevice::ReadWrite));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:102:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(stream->open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:116:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(fptr.open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:136:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(!stream->open(QIODevice::ReadWrite));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:137:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(stream->open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:141:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(fptr.open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:89:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(!stream->open(QIODevice::ReadWrite));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:90:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(stream->open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:116:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(!stream->open(QIODevice::ReadWrite));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:117:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(stream->open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:163:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(!stream->open(QIODevice::ReadWrite));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:164:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(stream->open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:189:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(fptr.open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:230:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(!stream->open(QIODevice::ReadWrite));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:231:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(stream->open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:234:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(fptr.open(QIODevice::ReadOnly));
data/libktorrent-2.2.0/src/torrent/torrent.cpp:256:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h,hash_string.data()+i,20);
data/libktorrent-2.2.0/src/torrent/torrentcontrol.cpp:552:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp:123:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(url, "wb"))
data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp:245:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(big_hash + (20 * i), hashes[i].getData(), 20);
data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp:254:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(target, "rb"))
data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp:290:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(target + f.getPath(), "rb"))
data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp:360:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(dd + QLatin1String("index"), "wb"))
data/libktorrent-2.2.0/src/torrent/torrentfilestream.cpp:107:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool TorrentFileStream::open(QIODevice::OpenMode mode)
data/libktorrent-2.2.0/src/torrent/torrentfilestream.cpp:115:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QIODevice::open(mode|QIODevice::Unbuffered);
data/libktorrent-2.2.0/src/torrent/torrentfilestream.h:52:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open(QIODevice::OpenMode mode) override;
data/libktorrent-2.2.0/src/tracker/httptracker.cpp:390:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ip.c, arr.data() + i, 16);
data/libktorrent-2.2.0/src/tracker/trackermanager.cpp:392:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!file.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/tracker/trackermanager.cpp:404:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!file.open( QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/tracker/trackermanager.cpp:420:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!file.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/tracker/trackermanager.cpp:439:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!file.open( QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/tracker/udptracker.cpp:303:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+16,info_hash.getData(),20);
data/libktorrent-2.2.0/src/tracker/udptracker.cpp:304:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+36,peer_id.data(),20);
data/libktorrent-2.2.0/src/tracker/udptracker.cpp:349:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+16,info_hash.getData(),20);
data/libktorrent-2.2.0/src/upnp/upnpdescriptionparser.cpp:73:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/upnp/upnpmcastsocket.cpp:198:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/upnp/upnpmcastsocket.cpp:217:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/util/bitset.cpp:62:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data,d,num_bytes);
data/libktorrent-2.2.0/src/util/circularbuffer.cpp:51:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr,r.first,to_read);
data/libktorrent-2.2.0/src/util/circularbuffer.cpp:55:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr,r.first,s);
data/libktorrent-2.2.0/src/util/circularbuffer.cpp:57:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr + s,r.first,to_read - s);
data/libktorrent-2.2.0/src/util/circularbuffer.cpp:79:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + write_pos,ptr,w);
data/libktorrent-2.2.0/src/util/circularbuffer.cpp:80:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data,ptr + w,to_write - w);
data/libktorrent-2.2.0/src/util/circularbuffer.cpp:84:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + write_pos,ptr,to_write);
data/libktorrent-2.2.0/src/util/compressfilejob.cpp:44:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!in.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/util/compressfilejob.cpp:53:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!dev.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/util/compressfilejob.cpp:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/libktorrent-2.2.0/src/util/decompressfilejob.cpp:44:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!out.open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/util/decompressfilejob.cpp:53:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!dev.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/util/decompressfilejob.cpp:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/libktorrent-2.2.0/src/util/extractfilejob.cpp:42:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/libktorrent-2.2.0/src/util/extractfilejob.cpp:107:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!out_dev->open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/util/file.cpp:44:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool File::open(const QString & file,const QString & mode)
data/libktorrent-2.2.0/src/util/file.cpp:53:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fptr = fopen(QFile::encodeName(file).constData(), mode.toUtf8().constData());
data/libktorrent-2.2.0/src/util/file.h:58:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open(const QString & file,const QString & mode);
data/libktorrent-2.2.0/src/util/fileops.cpp:311:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(url, QStringLiteral("wb")))
data/libktorrent-2.2.0/src/util/fileops.cpp:373:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = ::open(QFile::encodeName(path).constData(), O_RDWR | O_LARGEFILE);
data/libktorrent-2.2.0/src/util/fileops.cpp:418:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = ::open(QFile::encodeName(path).constData(), O_RDWR | O_LARGEFILE);
data/libktorrent-2.2.0/src/util/fileops.cpp:652:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX];
data/libktorrent-2.2.0/src/util/fileops.cpp:696:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fptr.open(QIODevice::ReadOnly))
data/libktorrent-2.2.0/src/util/log.cpp:115:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr->open(QIODevice::WriteOnly))
data/libktorrent-2.2.0/src/util/log.cpp:178:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fptr->open(QIODevice::WriteOnly);
data/libktorrent-2.2.0/src/util/sha1hash.cpp:45:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hash,h,20);
data/libktorrent-2.2.0/src/util/sha1hash.cpp:77:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[41];
data/libktorrent-2.2.0/src/util/sha1hash.cpp:78:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[81];
data/libktorrent-2.2.0/src/util/sha1hashgen.cpp:63:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result,h->final().constData(),20);
data/libktorrent-2.2.0/src/util/tests/signalcatchertest.cpp:104:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(tmp.open());
data/libktorrent-2.2.0/src/util/tests/signalcatchertest.cpp:124:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr,"Testing",7);
data/libktorrent-2.2.0/src/util/tests/signalcatchertest.cpp:137:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr,"Testing",7);
data/libktorrent-2.2.0/src/util/win32.cpp:407:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(noslash, filename, len - 1);
data/libktorrent-2.2.0/src/util/win32.cpp:420:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t message[1024];
data/libktorrent-2.2.0/src/util/win32.cpp:422:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[1024];
data/libktorrent-2.2.0/src/util/win32.cpp:424:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmessage[1024];
data/libktorrent-2.2.0/src/utp/localwindow.cpp:54:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, packet->get() + bytes_read, to_read);
data/libktorrent-2.2.0/src/utp/packetbuffer.cpp:97:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(payload, data, data_size);
data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp:104:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[20];
data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp:134:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[20];
data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp:154:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[20];
data/libktorrent-2.2.0/src/utp/tests/sockettest.cpp:100:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[20];
data/libktorrent-2.2.0/testlib/dummytorrentcreator.cpp:104:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::WriteOnly|QIODevice::Truncate))
data/libktorrent-2.2.0/testlib/dummytorrentcreator.cpp:114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[4096];
data/libktorrent-2.2.0/src/bcodec/bencoder.cpp:140:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QByteArray s = QStringLiteral("%1:%2").arg(strlen(str)).arg(QString::fromUtf8(str)).toUtf8();
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:127:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return fptr->read(buf,cs) == cs;
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:149:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
to_read = cs - read;
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:166:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = dfd.readLastChunk(buf + read,0,to_read);
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:168:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = dfd.readFirstChunk(buf + read,0,to_read);
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:185:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fptr->read(buf+read,to_read) != to_read)
data/libktorrent-2.2.0/src/datachecker/multidatachecker.cpp:185:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fptr->read(buf+read,to_read) != to_read)
data/libktorrent-2.2.0/src/datachecker/singledatachecker.cpp:70:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(buf,size);
data/libktorrent-2.2.0/src/dht/node.cpp:83:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fptr.read(data, 20) != 20)
data/libktorrent-2.2.0/src/diskio/cachefile.cpp:365:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void CacheFile::read(Uint8* buf,Uint32 size,Uint64 off)
data/libktorrent-2.2.0/src/diskio/cachefile.cpp:388:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((sz = fptr->read((char*)buf,size)) != size)
data/libktorrent-2.2.0/src/diskio/cachefile.h:108:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(Uint8* buf,Uint32 size,Uint64 off);
data/libktorrent-2.2.0/src/diskio/chunk.cpp:46:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return d->read(data,len) == len;
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:488:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fptr.read(&num, sizeof(Uint32)) != sizeof(Uint32) || num > 2 * tor.getNumFiles())
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:496:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fptr.read(buf, sizeof(Uint32)*num) != sizeof(Uint32)*num)
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:995:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(&hdr, sizeof(NewChunkHeader));
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:1053:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fptr.read(&num, sizeof(Uint32)) != sizeof(Uint32))
data/libktorrent-2.2.0/src/diskio/chunkmanager.cpp:1061:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fptr.read(&tmp, sizeof(Uint32)) != sizeof(Uint32))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:66:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(fptr.read(&hdr, sizeof(DNDFileHeader)) != sizeof(DNDFileHeader))
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:110:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return fptr.read(buf, size);
data/libktorrent-2.2.0/src/diskio/dndfile.cpp:126:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return fptr.read(buf, size);
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:502:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fd->read(piece->data(), length, piece_off);
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:550:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fd->read(ptr, read_length, read_offset);
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:713:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(tmp, cs - tf->getFirstChunkOffset());
data/libktorrent-2.2.0/src/diskio/multifilecache.cpp:720:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(tmp, tf->getLastChunkSize());
data/libktorrent-2.2.0/src/diskio/piecedata.cpp:79:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Uint32 PieceData::read(Uint8* buf, Uint32 to_read, Uint32 off)
data/libktorrent-2.2.0/src/diskio/piecedata.cpp:113:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return file.read(ptr + off, size);
data/libktorrent-2.2.0/src/diskio/piecedata.h:98:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Uint32 read(Uint8* buf, Uint32 to_read, Uint32 off = 0);
data/libktorrent-2.2.0/src/diskio/singlefilecache.cpp:177:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fd->read(cp->data(), length, piece_off);
data/libktorrent-2.2.0/src/download/chunkdownload.cpp:442:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file.read(pieces.getData(),pieces.getNumBytes());
data/libktorrent-2.2.0/src/download/chunkdownload.cpp:447:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (file.read(&num_pieces_to_follow,sizeof(Uint32)) != sizeof(Uint32) || num_pieces_to_follow > num)
data/libktorrent-2.2.0/src/download/chunkdownload.cpp:453:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (file.read(&phdr,sizeof(PieceHeader)) != sizeof(PieceHeader))
data/libktorrent-2.2.0/src/download/downloader.cpp:602:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(&chdr,sizeof(CurrentChunksHeader));
data/libktorrent-2.2.0/src/download/downloader.cpp:614:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(&hdr,sizeof(ChunkDownloadHeader));
data/libktorrent-2.2.0/src/download/downloader.cpp:667:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(&chdr,sizeof(CurrentChunksHeader));
data/libktorrent-2.2.0/src/download/downloader.cpp:680:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(&hdr,sizeof(ChunkDownloadHeader));
data/libktorrent-2.2.0/src/migrate/ccmigrate.cpp:43:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(&chdr,sizeof(CurrentChunksHeader));
data/libktorrent-2.2.0/src/net/socketgroup.cpp:53:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
s->read(0,now);
data/libktorrent-2.2.0/src/net/socketgroup.cpp:79:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = s->read(as,now);
data/libktorrent-2.2.0/src/net/socks.cpp:209:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size() const {return 8 + strlen(user_id) + 1;}
data/libktorrent-2.2.0/src/net/tests/polltest.cpp:66:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(pipe.read(tmp,20) == 4);
data/libktorrent-2.2.0/src/net/tests/polltest.cpp:101:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(pipe.read(tmp,20) == 4);
data/libktorrent-2.2.0/src/net/trafficshapedsocket.cpp:113:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Uint32 TrafficShapedSocket::read(bt::Uint32 max_bytes_to_read, bt::TimeStamp now)
data/libktorrent-2.2.0/src/net/trafficshapedsocket.h:74:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual Uint32 read(Uint32 max_bytes_to_read, bt::TimeStamp now);
data/libktorrent-2.2.0/src/net/wakeuppipe.cpp:55:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ret = bt::Pipe::read(buf,20);
data/libktorrent-2.2.0/src/peer/packetreader.cpp:31:83: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
IncomingPacket::IncomingPacket(Uint32 size) : data(new Uint8[size]), size(size), read(0)
data/libktorrent-2.2.0/src/peer/packetreader.cpp:53:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (pck->read != pck->size)
data/libktorrent-2.2.0/src/peer/packetreader.cpp:131:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Uint32 tr = pck->size - pck->read;
data/libktorrent-2.2.0/src/peer/packetreader.cpp:132:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(pck->data.data() + pck->read, buf, tr);
data/libktorrent-2.2.0/src/peer/packetreader.cpp:140:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(pck->data.data() + pck->read, buf, tr);
data/libktorrent-2.2.0/src/peer/packetreader.h:37:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Uint32 read;
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:109:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qint64 ret = stream->read(tmp.data(), stream->size());
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:118:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(fptr.read(tmp2.data(), stream->size()) == stream->size());
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:150:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(stream->read(sdata.data(), 256) == 256);
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreammultitest.cpp:153:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(fptr.read(fdata.data(), 256) == 256);
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:97:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qint64 ret = stream->read(tmp.data(), tc.getStats().chunk_size);
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:139:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qint64 ret = stream->read(tmp.data() + split, chunk_size - split);
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:144:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = stream->read(tmp.data(), split);
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:180:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qint64 ret = stream->read(range.data() + bytes_read, range_size - bytes_read);
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:192:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(fptr.read(tmp.data(), range_size) == range_size);
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:241:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(stream->read(tmp.data(), 100) == 100);
data/libktorrent-2.2.0/src/torrent/tests/torrentfilestreamtest.cpp:246:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(fptr.read(tmp2.data(), 100) == 100);
data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp:260:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(buf, s);
data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp:310:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
to_read = s - read;
data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp:316:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(buf + read, to_read);
data/libktorrent-2.2.0/src/torrent/torrentcreator.cpp:316:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(buf + read, to_read);
data/libktorrent-2.2.0/src/torrent/torrentfilestream.cpp:428:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
current_chunk_data->read((bt::Uint8*)data,allowed,current_chunk_offset);
data/libktorrent-2.2.0/src/upnp/upnpmcastsocket.cpp:123:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
writeDatagram(upnp_data,strlen(upnp_data),QHostAddress("239.255.255.250"),1900);
data/libktorrent-2.2.0/src/upnp/upnpmcastsocket.cpp:124:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
writeDatagram(tr64_data,strlen(tr64_data),QHostAddress("239.255.255.250"),1900);
data/libktorrent-2.2.0/src/upnp/upnpmcastsocket.cpp:161:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
::read(fd,&tmp,1);
data/libktorrent-2.2.0/src/util/circularbuffer.cpp:40:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bt::Uint32 CircularBuffer::read(bt::Uint8* ptr, bt::Uint32 max_len)
data/libktorrent-2.2.0/src/util/circularbuffer.h:46:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual bt::Uint32 read(bt::Uint8* ptr,bt::Uint32 max_len);
data/libktorrent-2.2.0/src/util/compressfilejob.cpp:64:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int len = in.read(buf,4096);
data/libktorrent-2.2.0/src/util/decompressfilejob.cpp:64:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int len = dev.read(buf,4096);
data/libktorrent-2.2.0/src/util/extractfilejob.cpp:44:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ret = in_dev->read(buf,4096)) != 0 && !canceled)
data/libktorrent-2.2.0/src/util/file.cpp:89:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Uint32 File::read(void* buf,Uint32 size)
data/libktorrent-2.2.0/src/util/file.h:86:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Uint32 read(void* buf,Uint32 size);
data/libktorrent-2.2.0/src/util/pipe.cpp:100:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int Pipe::read(Uint8* buffer, int max_len)
data/libktorrent-2.2.0/src/util/pipe.cpp:103:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return ::read(reader,buffer,max_len);
data/libktorrent-2.2.0/src/util/pipe.h:49:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read(Uint8* buffer,int max_len);
data/libktorrent-2.2.0/src/util/sha1hash.cpp:80:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(fmt + 4*i,"%02x",4);
data/libktorrent-2.2.0/src/util/signalcatcher.cpp:133:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
::read(fd, &sig, sizeof(int));
data/libktorrent-2.2.0/src/util/tests/circularbuffertest.cpp:72:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(wnd.read(ret,19) == 19);
data/libktorrent-2.2.0/src/util/tests/circularbuffertest.cpp:83:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(wnd.read(ret,19) == 19);
data/libktorrent-2.2.0/src/util/tests/circularbuffertest.cpp:107:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(cbuf.read(ret,expected) == expected);
data/libktorrent-2.2.0/src/util/win32.cpp:399:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(filename);
data/libktorrent-2.2.0/src/utp/connection.cpp:547:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bt::Uint32 ret = local_wnd->read(buf, max_len);
data/libktorrent-2.2.0/src/utp/localwindow.cpp:48:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bt::Uint32 WindowPacket::read(bt::Uint8* dst, bt::Uint32 max_len)
data/libktorrent-2.2.0/src/utp/localwindow.cpp:106:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bt::Uint32 LocalWindow::read(bt::Uint8* data, bt::Uint32 max_len)
data/libktorrent-2.2.0/src/utp/localwindow.cpp:113:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bt::Uint32 ret = pkt.read(data + written, max_len - written);
data/libktorrent-2.2.0/src/utp/localwindow.h:44:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bt::Uint32 read(bt::Uint8* dst, bt::Uint32 max_len);
data/libktorrent-2.2.0/src/utp/localwindow.h:85:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bt::Uint32 read(bt::Uint8* data, bt::Uint32 max_len);
data/libktorrent-2.2.0/src/utp/packetbuffer.cpp:84:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cbuf.read(payload, to_read);
data/libktorrent-2.2.0/src/utp/tests/congestiontest.cpp:87:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = outgoing->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/fintest.cpp:90:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outgoing->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/fintest.cpp:97:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QVERIFY(ret == (int)strlen(test));
data/libktorrent-2.2.0/src/utp/tests/fintest.cpp:98:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QVERIFY(memcmp(tmp,test,strlen(test)) == 0);
data/libktorrent-2.2.0/src/utp/tests/localwindowtest.cpp:93:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(wnd.read(wdata,300) == 300);
data/libktorrent-2.2.0/src/utp/tests/localwindowtest.cpp:122:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(wnd.read(wdata,600) == 500);
data/libktorrent-2.2.0/src/utp/tests/localwindowtest.cpp:309:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QVERIFY(wnd.read(wdata,300) == 300);
data/libktorrent-2.2.0/src/utp/tests/packetbuffertest.cpp:73:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr2.read(pbuf.data());
data/libktorrent-2.2.0/src/utp/tests/packetbuffertest.cpp:82:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr3.read(pbuf.data());
data/libktorrent-2.2.0/src/utp/tests/packetlosstest.cpp:97:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = outgoing->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp:101:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = outgoing->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp:102:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QVERIFY(ret == (int)strlen(test));
data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp:131:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outgoing->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp:132:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
incoming->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp:151:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outgoing->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/sendtest.cpp:152:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outgoing->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/sockettest.cpp:97:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = a->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/sockettest.cpp:98:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QVERIFY(ret == (int)strlen(test));
data/libktorrent-2.2.0/src/utp/tests/utppolltest.cpp:156:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = outgoing[i]->send((const bt::Uint8*)test,strlen(test));
data/libktorrent-2.2.0/src/utp/tests/utppolltest.cpp:157:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QVERIFY(ret == (int)strlen(test));
data/libktorrent-2.2.0/src/utp/tests/utppolltest.cpp:178:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QVERIFY(incoming[i]->recv(tmp,20) == (int)strlen(test));
data/libktorrent-2.2.0/src/utp/tests/utppolltest.cpp:179:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
QVERIFY(memcmp(tmp,test,strlen(test)) == 0);
data/libktorrent-2.2.0/src/utp/utpprotocol.cpp:43:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void Header::read(const bt::Uint8* data)
data/libktorrent-2.2.0/src/utp/utpprotocol.cpp:77:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr.read(packet);
data/libktorrent-2.2.0/src/utp/utpprotocol.cpp:83:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hdr.read(packet);
data/libktorrent-2.2.0/src/utp/utpprotocol.h:61:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(const bt::Uint8* data);
ANALYSIS SUMMARY:
Hits = 341
Lines analyzed = 67144 in approximately 1.74 seconds (38669 lines/second)
Physical Source Lines of Code (SLOC) = 41834
Hits@level = [0] 38 [1] 119 [2] 209 [3] 12 [4] 1 [5] 0
Hits@level+ = [0+] 379 [1+] 341 [2+] 222 [3+] 13 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 9.05962 [1+] 8.15126 [2+] 5.30669 [3+] 0.310752 [4+] 0.023904 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.