Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pulseview-0.4.2/pv/strnatcmp.hpp
Examining data/pulseview-0.4.2/pv/application.hpp
Examining data/pulseview-0.4.2/pv/views/viewbase.cpp
Examining data/pulseview-0.4.2/pv/views/decoder_binary/QHexView.cpp
Examining data/pulseview-0.4.2/pv/views/decoder_binary/QHexView.hpp
Examining data/pulseview-0.4.2/pv/views/decoder_binary/view.cpp
Examining data/pulseview-0.4.2/pv/views/decoder_binary/view.hpp
Examining data/pulseview-0.4.2/pv/views/viewbase.hpp
Examining data/pulseview-0.4.2/pv/views/trace/signal.hpp
Examining data/pulseview-0.4.2/pv/views/trace/trace.hpp
Examining data/pulseview-0.4.2/pv/views/trace/standardbar.cpp
Examining data/pulseview-0.4.2/pv/views/trace/tracepalette.hpp
Examining data/pulseview-0.4.2/pv/views/trace/viewitemowner.cpp
Examining data/pulseview-0.4.2/pv/views/trace/header.hpp
Examining data/pulseview-0.4.2/pv/views/trace/tracetreeitemowner.cpp
Examining data/pulseview-0.4.2/pv/views/trace/decodetrace.cpp
Examining data/pulseview-0.4.2/pv/views/trace/logicsignal.hpp
Examining data/pulseview-0.4.2/pv/views/trace/viewwidget.hpp
Examining data/pulseview-0.4.2/pv/views/trace/tracetreeitem.cpp
Examining data/pulseview-0.4.2/pv/views/trace/cursor.cpp
Examining data/pulseview-0.4.2/pv/views/trace/analogsignal.hpp
Examining data/pulseview-0.4.2/pv/views/trace/flag.hpp
Examining data/pulseview-0.4.2/pv/views/trace/cursorpair.hpp
Examining data/pulseview-0.4.2/pv/views/trace/tracegroup.cpp
Examining data/pulseview-0.4.2/pv/views/trace/cursor.hpp
Examining data/pulseview-0.4.2/pv/views/trace/timemarker.cpp
Examining data/pulseview-0.4.2/pv/views/trace/timeitem.cpp
Examining data/pulseview-0.4.2/pv/views/trace/marginwidget.cpp
Examining data/pulseview-0.4.2/pv/views/trace/viewitempaintparams.hpp
Examining data/pulseview-0.4.2/pv/views/trace/timemarker.hpp
Examining data/pulseview-0.4.2/pv/views/trace/signal.cpp
Examining data/pulseview-0.4.2/pv/views/trace/triggermarker.cpp
Examining data/pulseview-0.4.2/pv/views/trace/tracepalette.cpp
Examining data/pulseview-0.4.2/pv/views/trace/viewwidget.cpp
Examining data/pulseview-0.4.2/pv/views/trace/trace.cpp
Examining data/pulseview-0.4.2/pv/views/trace/viewitempaintparams.cpp
Examining data/pulseview-0.4.2/pv/views/trace/viewitem.hpp
Examining data/pulseview-0.4.2/pv/views/trace/ruler.hpp
Examining data/pulseview-0.4.2/pv/views/trace/view.cpp
Examining data/pulseview-0.4.2/pv/views/trace/flag.cpp
Examining data/pulseview-0.4.2/pv/views/trace/header.cpp
Examining data/pulseview-0.4.2/pv/views/trace/tracetreeitemowner.hpp
Examining data/pulseview-0.4.2/pv/views/trace/marginwidget.hpp
Examining data/pulseview-0.4.2/pv/views/trace/timeitem.hpp
Examining data/pulseview-0.4.2/pv/views/trace/logicsignal.cpp
Examining data/pulseview-0.4.2/pv/views/trace/tracegroup.hpp
Examining data/pulseview-0.4.2/pv/views/trace/viewitemowner.hpp
Examining data/pulseview-0.4.2/pv/views/trace/triggermarker.hpp
Examining data/pulseview-0.4.2/pv/views/trace/viewitemiterator.hpp
Examining data/pulseview-0.4.2/pv/views/trace/view.hpp
Examining data/pulseview-0.4.2/pv/views/trace/tracetreeitem.hpp
Examining data/pulseview-0.4.2/pv/views/trace/ruler.cpp
Examining data/pulseview-0.4.2/pv/views/trace/cursorpair.cpp
Examining data/pulseview-0.4.2/pv/views/trace/analogsignal.cpp
Examining data/pulseview-0.4.2/pv/views/trace/viewitem.cpp
Examining data/pulseview-0.4.2/pv/views/trace/viewport.cpp
Examining data/pulseview-0.4.2/pv/views/trace/decodetrace.hpp
Examining data/pulseview-0.4.2/pv/views/trace/viewport.hpp
Examining data/pulseview-0.4.2/pv/views/trace/standardbar.hpp
Examining data/pulseview-0.4.2/pv/devicemanager.cpp
Examining data/pulseview-0.4.2/pv/application.cpp
Examining data/pulseview-0.4.2/pv/dialogs/settings.cpp
Examining data/pulseview-0.4.2/pv/dialogs/connect.cpp
Examining data/pulseview-0.4.2/pv/dialogs/storeprogress.cpp
Examining data/pulseview-0.4.2/pv/dialogs/inputoutputoptions.cpp
Examining data/pulseview-0.4.2/pv/dialogs/settings.hpp
Examining data/pulseview-0.4.2/pv/dialogs/inputoutputoptions.hpp
Examining data/pulseview-0.4.2/pv/dialogs/storeprogress.hpp
Examining data/pulseview-0.4.2/pv/dialogs/connect.hpp
Examining data/pulseview-0.4.2/pv/data/signalbase.cpp
Examining data/pulseview-0.4.2/pv/data/decodesignal.cpp
Examining data/pulseview-0.4.2/pv/data/decode/row.hpp
Examining data/pulseview-0.4.2/pv/data/decode/annotation.hpp
Examining data/pulseview-0.4.2/pv/data/decode/decoder.hpp
Examining data/pulseview-0.4.2/pv/data/decode/decoder.cpp
Examining data/pulseview-0.4.2/pv/data/decode/annotation.cpp
Examining data/pulseview-0.4.2/pv/data/decode/rowdata.cpp
Examining data/pulseview-0.4.2/pv/data/decode/rowdata.hpp
Examining data/pulseview-0.4.2/pv/data/decode/row.cpp
Examining data/pulseview-0.4.2/pv/data/segment.hpp
Examining data/pulseview-0.4.2/pv/data/signalbase.hpp
Examining data/pulseview-0.4.2/pv/data/decodesignal.hpp
Examining data/pulseview-0.4.2/pv/data/logicsegment.cpp
Examining data/pulseview-0.4.2/pv/data/analog.cpp
Examining data/pulseview-0.4.2/pv/data/analogsegment.hpp
Examining data/pulseview-0.4.2/pv/data/logic.hpp
Examining data/pulseview-0.4.2/pv/data/signaldata.hpp
Examining data/pulseview-0.4.2/pv/data/segment.cpp
Examining data/pulseview-0.4.2/pv/data/signaldata.cpp
Examining data/pulseview-0.4.2/pv/data/analogsegment.cpp
Examining data/pulseview-0.4.2/pv/data/logicsegment.hpp
Examining data/pulseview-0.4.2/pv/data/logic.cpp
Examining data/pulseview-0.4.2/pv/data/analog.hpp
Examining data/pulseview-0.4.2/pv/globalsettings.hpp
Examining data/pulseview-0.4.2/pv/globalsettings.cpp
Examining data/pulseview-0.4.2/pv/storesession.hpp
Examining data/pulseview-0.4.2/pv/devicemanager.hpp
Examining data/pulseview-0.4.2/pv/prop/enum.hpp
Examining data/pulseview-0.4.2/pv/prop/string.cpp
Examining data/pulseview-0.4.2/pv/prop/int.cpp
Examining data/pulseview-0.4.2/pv/prop/bool.hpp
Examining data/pulseview-0.4.2/pv/prop/double.hpp
Examining data/pulseview-0.4.2/pv/prop/enum.cpp
Examining data/pulseview-0.4.2/pv/prop/property.cpp
Examining data/pulseview-0.4.2/pv/prop/int.hpp
Examining data/pulseview-0.4.2/pv/prop/bool.cpp
Examining data/pulseview-0.4.2/pv/prop/property.hpp
Examining data/pulseview-0.4.2/pv/prop/string.hpp
Examining data/pulseview-0.4.2/pv/prop/double.cpp
Examining data/pulseview-0.4.2/pv/session.cpp
Examining data/pulseview-0.4.2/pv/mainwindow.cpp
Examining data/pulseview-0.4.2/pv/toolbars/mainbar.hpp
Examining data/pulseview-0.4.2/pv/toolbars/mainbar.cpp
Examining data/pulseview-0.4.2/pv/binding/device.cpp
Examining data/pulseview-0.4.2/pv/binding/binding.hpp
Examining data/pulseview-0.4.2/pv/binding/inputoutput.cpp
Examining data/pulseview-0.4.2/pv/binding/inputoutput.hpp
Examining data/pulseview-0.4.2/pv/binding/decoder.hpp
Examining data/pulseview-0.4.2/pv/binding/decoder.cpp
Examining data/pulseview-0.4.2/pv/binding/binding.cpp
Examining data/pulseview-0.4.2/pv/binding/device.hpp
Examining data/pulseview-0.4.2/pv/util.cpp
Examining data/pulseview-0.4.2/pv/widgets/decodergroupbox.cpp
Examining data/pulseview-0.4.2/pv/widgets/popuptoolbutton.hpp
Examining data/pulseview-0.4.2/pv/widgets/timestampspinbox.cpp
Examining data/pulseview-0.4.2/pv/widgets/flowlayout.cpp
Examining data/pulseview-0.4.2/pv/widgets/importmenu.hpp
Examining data/pulseview-0.4.2/pv/widgets/sweeptimingwidget.hpp
Examining data/pulseview-0.4.2/pv/widgets/flowlayout.hpp
Examining data/pulseview-0.4.2/pv/widgets/popup.cpp
Examining data/pulseview-0.4.2/pv/widgets/devicetoolbutton.cpp
Examining data/pulseview-0.4.2/pv/widgets/sweeptimingwidget.cpp
Examining data/pulseview-0.4.2/pv/widgets/colorbutton.cpp
Examining data/pulseview-0.4.2/pv/widgets/exportmenu.hpp
Examining data/pulseview-0.4.2/pv/widgets/colorpopup.hpp
Examining data/pulseview-0.4.2/pv/widgets/timestampspinbox.hpp
Examining data/pulseview-0.4.2/pv/widgets/popup.hpp
Examining data/pulseview-0.4.2/pv/widgets/devicetoolbutton.hpp
Examining data/pulseview-0.4.2/pv/widgets/importmenu.cpp
Examining data/pulseview-0.4.2/pv/widgets/colorbutton.hpp
Examining data/pulseview-0.4.2/pv/widgets/decodermenu.hpp
Examining data/pulseview-0.4.2/pv/widgets/decodermenu.cpp
Examining data/pulseview-0.4.2/pv/widgets/colorpopup.cpp
Examining data/pulseview-0.4.2/pv/widgets/decodergroupbox.hpp
Examining data/pulseview-0.4.2/pv/widgets/wellarray.cpp
Examining data/pulseview-0.4.2/pv/widgets/exportmenu.cpp
Examining data/pulseview-0.4.2/pv/widgets/wellarray.hpp
Examining data/pulseview-0.4.2/pv/widgets/popuptoolbutton.cpp
Examining data/pulseview-0.4.2/pv/mainwindow.hpp
Examining data/pulseview-0.4.2/pv/session.hpp
Examining data/pulseview-0.4.2/pv/storesession.cpp
Examining data/pulseview-0.4.2/pv/subwindows/subwindowbase.cpp
Examining data/pulseview-0.4.2/pv/subwindows/decoder_selector/subwindow.hpp
Examining data/pulseview-0.4.2/pv/subwindows/decoder_selector/subwindow.cpp
Examining data/pulseview-0.4.2/pv/subwindows/decoder_selector/model.cpp
Examining data/pulseview-0.4.2/pv/subwindows/decoder_selector/item.cpp
Examining data/pulseview-0.4.2/pv/subwindows/subwindowbase.hpp
Examining data/pulseview-0.4.2/pv/popups/deviceoptions.cpp
Examining data/pulseview-0.4.2/pv/popups/channels.hpp
Examining data/pulseview-0.4.2/pv/popups/channels.cpp
Examining data/pulseview-0.4.2/pv/popups/deviceoptions.hpp
Examining data/pulseview-0.4.2/pv/util.hpp
Examining data/pulseview-0.4.2/pv/logging.hpp
Examining data/pulseview-0.4.2/pv/logging.cpp
Examining data/pulseview-0.4.2/pv/devices/device.cpp
Examining data/pulseview-0.4.2/pv/devices/inputfile.hpp
Examining data/pulseview-0.4.2/pv/devices/file.hpp
Examining data/pulseview-0.4.2/pv/devices/sessionfile.cpp
Examining data/pulseview-0.4.2/pv/devices/hardwaredevice.hpp
Examining data/pulseview-0.4.2/pv/devices/sessionfile.hpp
Examining data/pulseview-0.4.2/pv/devices/device.hpp
Examining data/pulseview-0.4.2/pv/devices/file.cpp
Examining data/pulseview-0.4.2/pv/devices/inputfile.cpp
Examining data/pulseview-0.4.2/pv/devices/hardwaredevice.cpp
Examining data/pulseview-0.4.2/main.cpp
Examining data/pulseview-0.4.2/extdef.h
Examining data/pulseview-0.4.2/signalhandler.hpp
Examining data/pulseview-0.4.2/android/loghandler.cpp
Examining data/pulseview-0.4.2/android/loghandler.hpp
Examining data/pulseview-0.4.2/android/assetreader.hpp
Examining data/pulseview-0.4.2/android/assetreader.cpp
Examining data/pulseview-0.4.2/signalhandler.cpp
Examining data/pulseview-0.4.2/test/test.cpp
Examining data/pulseview-0.4.2/test/test.hpp
Examining data/pulseview-0.4.2/test/data/logicsegment.cpp
Examining data/pulseview-0.4.2/test/data/decoderstack.cpp
Examining data/pulseview-0.4.2/test/data/segment.cpp
Examining data/pulseview-0.4.2/test/data/analogsegment.cpp
Examining data/pulseview-0.4.2/test/util.cpp
Examining data/pulseview-0.4.2/test/view/ruler.cpp
FINAL RESULTS:
data/pulseview-0.4.2/main.cpp:210:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
const int c = getopt_long(argc, argv,
data/pulseview-0.4.2/android/assetreader.cpp:35:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void AndroidAssetReader::open(struct sr_resource *res, string name)
data/pulseview-0.4.2/android/assetreader.cpp:45:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file->open(QIODevice::ReadOnly))
data/pulseview-0.4.2/android/assetreader.hpp:36:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(struct sr_resource *res, string name) override;
data/pulseview-0.4.2/main.cpp:108:4: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QFile::ReadOnly | QFile::Text);
data/pulseview-0.4.2/main.cpp:227:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
const int loglevel = atoi(optarg);
data/pulseview-0.4.2/pv/data/analogsegment.cpp:146:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s.samples, envelope_levels_[min_level].samples + start,
data/pulseview-0.4.2/pv/data/decodesignal.cpp:574:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->data() + offset, chunk.data.data(), chunk.data.size());
data/pulseview-0.4.2/pv/data/decodesignal.cpp:617:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->data() + dest_offset, chunk.data.data(), chunk.data.size());
data/pulseview-0.4.2/pv/data/decodesignal.cpp:1484:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(chunk->data.data(), pdb->data, pdb->size);
data/pulseview-0.4.2/pv/data/segment.cpp:125:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resized_chunk, current_chunk_, used_samples_ * unit_size_);
data/pulseview-0.4.2/pv/data/segment.cpp:142:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(current_chunk_ + (used_samples_ * unit_size_), data, unit_size_);
data/pulseview-0.4.2/pv/data/segment.cpp:177:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)dest, (void*)src, (copy_count * unit_size_));
data/pulseview-0.4.2/pv/data/segment.cpp:235:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest_ptr, chunk + chunk_offs, copy_size);
data/pulseview-0.4.2/pv/devices/device.hpp:69:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open() = 0;
data/pulseview-0.4.2/pv/devices/hardwaredevice.cpp:114:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void HardwareDevice::open()
data/pulseview-0.4.2/pv/devices/hardwaredevice.cpp:120:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
device_->open();
data/pulseview-0.4.2/pv/devices/hardwaredevice.hpp:58:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open();
data/pulseview-0.4.2/pv/devices/inputfile.cpp:113:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void InputFile::open()
data/pulseview-0.4.2/pv/devices/inputfile.hpp:61:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open();
data/pulseview-0.4.2/pv/devices/sessionfile.cpp:39:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void SessionFile::open()
data/pulseview-0.4.2/pv/devices/sessionfile.hpp:43:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open();
data/pulseview-0.4.2/pv/dialogs/settings.cpp:798:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly | QIODevice::Truncate | QIODevice::Text)) {
data/pulseview-0.4.2/pv/globalsettings.cpp:206:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QFile::ReadOnly | QFile::Text);
data/pulseview-0.4.2/pv/session.cpp:527:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
device_->open();
data/pulseview-0.4.2/pv/storesession.cpp:179:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
output_stream_.open(file_name_, ios_base::binary |
data/pulseview-0.4.2/pv/views/decoder_binary/view.cpp:264:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly | QIODevice::Truncate)) {
data/pulseview-0.4.2/pv/views/decoder_binary/view.cpp:304:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly | QIODevice::Truncate | QIODevice::Text)) {
data/pulseview-0.4.2/pv/views/trace/decodetrace.cpp:1231:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly | QIODevice::Truncate | QIODevice::Text)) {
data/pulseview-0.4.2/android/assetreader.cpp:72:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t AndroidAssetReader::read(const struct sr_resource *res, void *buf, size_t count)
data/pulseview-0.4.2/android/assetreader.cpp:80:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const auto n_read = file->read(static_cast<char*>(buf), count);
data/pulseview-0.4.2/android/assetreader.hpp:38:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read(const struct sr_resource *res, void *buf, size_t count) override;
data/pulseview-0.4.2/pv/devices/inputfile.cpp:134:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f->read(buffer.data(), BufferSize);
data/pulseview-0.4.2/pv/devices/inputfile.cpp:176:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f->read(buffer.data(), BufferSize);
data/pulseview-0.4.2/pv/prop/enum.cpp:248:18: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (v.first.equal(variant))
data/pulseview-0.4.2/signalhandler.cpp:69:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(sockets_[1], &sig_number, sizeof(int)) != sizeof(int)) {
ANALYSIS SUMMARY:
Hits = 36
Lines analyzed = 40513 in approximately 0.93 seconds (43702 lines/second)
Physical Source Lines of Code (SLOC) = 25952
Hits@level = [0] 1 [1] 7 [2] 28 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 37 [1+] 36 [2+] 29 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.42571 [1+] 1.38718 [2+] 1.11745 [3+] 0.0385327 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.