Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/sirikali-1.4.7/src/sirikali.cpp Parsing failed to find end of parameter list; semicolon terminated it in ( [ & ](){ for( auto& it : v ){ auto s = m->readValue( it.favorite().volumePath ) ; if( !s.isEmpty() ){ it.setPassword( std::move( s ) ) ; } } return true Examining data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp Examining data/sirikali-1.4.7/src/3rdParty/tasks/task.hpp Examining data/sirikali-1.4.7/src/3rdParty/NetworkAccessManager/network_access_manager.hpp Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/fake_wallet_backend.c Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_internal_wallet.h Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_osx_keychain.cpp Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/libsecret.c Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_libsecret.cpp Parsing failed to find end of parameter list; semicolon terminated it in (walletName, applicationName, [&](bool e) {m_opened = e;loop.exit();}, parent, password, displayApplicationName); loop.exec(); return m_opened; } Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/changepassworddialog.cpp Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_libsecret.h Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_kwallet.cpp Parsing failed to find end of parameter list; semicolon terminated it in (walletName, applicationName, [&](bool e) {opened = e;loop.exit();}, parent, password, displayApplicationName); loop.exec(); return opened; } void LXQt::Wallet::kwallet::op 
Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_wallet.cpp Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_wallet.h Parsing failed to find end of parameter list; semicolon terminated it in ("test", "test", [this](bool walletIsOpen) { if (walletIsOpen) { qDebug() << "wallet is open.\n"; this->addKey(); this-> Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/password_dialog.cpp Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_kwallet.h Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/changepassworddialog.h Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/task.h Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/password_dialog.h Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_internal_wallet.cpp Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.h Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_osx_keychain.h Examining data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_osx_keychain_private.h Examining data/sirikali-1.4.7/src/checkforupdateswindow.cpp Examining data/sirikali-1.4.7/src/dialogmsg.cpp Examining data/sirikali-1.4.7/src/systemsignalhandler.h Examining data/sirikali-1.4.7/src/favorites2.cpp Parsing failed to find end of parameter list; semicolon terminated it in ( [ this ](){ for( const auto& it : this->readAllKeys() ){ tablewidget::addRow( m_ui->tableWidgetWallet,{ it } ) ; } },_hide_ui( [ this ](){ this->hide() ; },bk ),[ this ]( bool opened ){ Examining data/sirikali-1.4.7/src/configfileoption.h Examining data/sirikali-1.4.7/src/plugin.h Examining data/sirikali-1.4.7/src/engines/ecryptfscreateoptions.cpp Examining data/sirikali-1.4.7/src/engines/gocryptfs.h Examining data/sirikali-1.4.7/src/engines/cryfscreateoptions.cpp Examining data/sirikali-1.4.7/src/engines/customcreateoptions.h Examining data/sirikali-1.4.7/src/engines/unknown.cpp Examining 
data/sirikali-1.4.7/src/engines/sshfs.cpp Examining data/sirikali-1.4.7/src/engines/encfscreateoptions.h Examining data/sirikali-1.4.7/src/engines/cryfscreateoptions.h Examining data/sirikali-1.4.7/src/engines/cryfs.cpp Examining data/sirikali-1.4.7/src/engines/custom.h Examining data/sirikali-1.4.7/src/engines/ecryptfs.cpp Examining data/sirikali-1.4.7/src/engines/securefs.cpp Examining data/sirikali-1.4.7/src/engines/fscrypt.h Examining data/sirikali-1.4.7/src/engines/encfs.h Examining data/sirikali-1.4.7/src/engines/options.cpp Examining data/sirikali-1.4.7/src/engines/encfs.cpp Examining data/sirikali-1.4.7/src/engines/fscryptcreateoptions.h Examining data/sirikali-1.4.7/src/engines/securefscreateoptions.h Examining data/sirikali-1.4.7/src/engines/gocryptfs.cpp Examining data/sirikali-1.4.7/src/engines/unknown.h Examining data/sirikali-1.4.7/src/engines/custom.cpp Examining data/sirikali-1.4.7/src/engines/options.h Examining data/sirikali-1.4.7/src/engines/securefs.h Examining data/sirikali-1.4.7/src/engines/fscryptcreateoptions.cpp Examining data/sirikali-1.4.7/src/engines/ecryptfscreateoptions.h Examining data/sirikali-1.4.7/src/engines/fscrypt.cpp Examining data/sirikali-1.4.7/src/engines/customcreateoptions.cpp Examining data/sirikali-1.4.7/src/engines/encfscreateoptions.cpp Examining data/sirikali-1.4.7/src/engines/sshfs.h Examining data/sirikali-1.4.7/src/engines/ecryptfs.h Examining data/sirikali-1.4.7/src/engines/securefscreateoptions.cpp Examining data/sirikali-1.4.7/src/engines/gocryptfscreateoptions.h Examining data/sirikali-1.4.7/src/engines/gocryptfscreateoptions.cpp Examining data/sirikali-1.4.7/src/engines/cryfs.h Examining data/sirikali-1.4.7/src/utility2.cpp Examining data/sirikali-1.4.7/src/main.cpp Examining data/sirikali-1.4.7/src/siripolkit/main.cpp Examining data/sirikali-1.4.7/src/siripolkit/zulupolkit.cpp Examining data/sirikali-1.4.7/src/siripolkit/zulupolkit.h Examining data/sirikali-1.4.7/src/crypto.h Examining 
data/sirikali-1.4.7/src/siritask.cpp Examining data/sirikali-1.4.7/src/readonlywarning.cpp Examining data/sirikali-1.4.7/src/utility2.h Examining data/sirikali-1.4.7/src/crypto.cpp Examining data/sirikali-1.4.7/src/sirikali.h Examining data/sirikali-1.4.7/src/help.cpp Examining data/sirikali-1.4.7/src/favorites2.h Examining data/sirikali-1.4.7/src/checkforupdates.h Examining data/sirikali-1.4.7/src/dialogok.h Examining data/sirikali-1.4.7/src/dialogok.cpp Examining data/sirikali-1.4.7/src/keydialog.h Examining data/sirikali-1.4.7/src/siritask.h Examining data/sirikali-1.4.7/src/runinthread.cpp Examining data/sirikali-1.4.7/src/engines.cpp Examining data/sirikali-1.4.7/src/createbackendwindow.cpp Examining data/sirikali-1.4.7/src/tablewidget.cpp Examining data/sirikali-1.4.7/src/dialogmsg.h Examining data/sirikali-1.4.7/src/favorites.cpp Examining data/sirikali-1.4.7/src/configoptions.h Examining data/sirikali-1.4.7/src/win.cpp Examining data/sirikali-1.4.7/src/utility.cpp Examining data/sirikali-1.4.7/src/filemanager.h Examining data/sirikali-1.4.7/src/help.h Examining data/sirikali-1.4.7/src/createbackendwindow.h Examining data/sirikali-1.4.7/src/checkforupdates.cpp Examining data/sirikali-1.4.7/src/compatibility.hpp Examining data/sirikali-1.4.7/src/json_parser.hpp Examining data/sirikali-1.4.7/src/engines.h Examining data/sirikali-1.4.7/src/volumeinfo.h Examining data/sirikali-1.4.7/src/debugwindow.cpp Examining data/sirikali-1.4.7/src/filemanager.cpp Examining data/sirikali-1.4.7/src/plugins.h Examining data/sirikali-1.4.7/src/mountinfo.cpp Examining data/sirikali-1.4.7/src/secrets.h Examining data/sirikali-1.4.7/src/settings.cpp Examining data/sirikali-1.4.7/src/systemsignalhandler.cpp Examining data/sirikali-1.4.7/src/utility.h Examining data/sirikali-1.4.7/src/mountinfo.h Examining data/sirikali-1.4.7/src/oneinstance.h Examining data/sirikali-1.4.7/src/secrets.cpp Examining data/sirikali-1.4.7/src/configoptions.cpp Examining 
data/sirikali-1.4.7/src/plugin.cpp
Examining data/sirikali-1.4.7/src/debugwindow.h
Examining data/sirikali-1.4.7/src/oneinstance.cpp
Examining data/sirikali-1.4.7/src/volumeinfo.cpp
Examining data/sirikali-1.4.7/src/win.h
Examining data/sirikali-1.4.7/src/configfileoption.cpp
Examining data/sirikali-1.4.7/src/keydialog.cpp
Parsing failed to find end of parameter list; semicolon terminated it in ( [](){ return true ; } ) ; } }() ; if( m ){ QString id ; if( m_create ){ id = m_ui->lineEditFolderPath->text() ; }else{ id = m_path ; } if( w->readValue( id ).isEmpty() ){
Examining data/sirikali-1.4.7/src/readonlywarning.h
Examining data/sirikali-1.4.7/src/tablewidget.h
Examining data/sirikali-1.4.7/src/favorites.h
Examining data/sirikali-1.4.7/src/checkforupdateswindow.h
Examining data/sirikali-1.4.7/src/runinthread.h
Examining data/sirikali-1.4.7/src/settings.h

FINAL RESULTS:

data/sirikali-1.4.7/src/compatibility.hpp:177:19: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  static inline int chown( const char * a,int b,int c )
data/sirikali-1.4.7/src/siripolkit/zulupolkit.cpp:145:8: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if( chown( s.constData(),id,id ) ){}
data/sirikali-1.4.7/src/siripolkit/zulupolkit.cpp:146:8: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if( chmod( s.constData(),0700 ) ){}
data/sirikali-1.4.7/src/utility.cpp:456:7: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if( chown( s.constData(),uid,uid ) ){}
data/sirikali-1.4.7/src/utility.cpp:457:7: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if( chmod( s.constData(),0700 ) ){}
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:1337:86: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define JSON_HEDLEY_PRINTF_FORMAT(string_idx,first_to_check) __declspec(vaformat(printf,string_idx,first_to_check))
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:6047:23: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  (std::snprintf)(cr.data(), cr.size(), "%.2hhX", static_cast<unsigned char>(element_type));
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:8002:15: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  (std::snprintf)(cr.data(), cr.size(), "%.2hhX", static_cast<unsigned char>(current));
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:9443:23: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  (std::snprintf)(cs.data(), cs.size(), "<U+%.4X>", static_cast<unsigned char>(c));
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:15360:43: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  (std::snprintf)(string_buffer.data() + bytes, 7, "\\u%04x",
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:15366:43: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  (std::snprintf)(string_buffer.data() + bytes, 13, "\\u%04x\\u%04x",
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:15404:35: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  (std::snprintf)(&sn[0], sn.size(), "%.2X", byte);
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:15498:27: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  (std::snprintf)(&sn[0], sn.size(), "%.2X", static_cast<std::uint8_t>(s.back()));
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:15700:36: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  std::ptrdiff_t len = (std::snprintf)(number_buffer.data(), number_buffer.size(), "%.*g", d, x);
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:1811:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
((struct { char v[sizeof(void) * 2]; } *) 1) \ data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:7912:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(&result, vec.data(), sizeof(NumberType)); data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:13719:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(vec.data(), &n, sizeof(NumberType)); data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:13750:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(&result, &x, sizeof(x)); data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:13851:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(&target, &source, sizeof(Source)); data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:79:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[ PASSWORD_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char salt[ SALT_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:152:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static gcry_error_t _create_key( const char salt[ SALT_SIZE ],char output_key[ PASSWORD_SIZE ],const char * input_key,uint32_t input_key_length ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:152:63: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static gcry_error_t _create_key( const char salt[ SALT_SIZE ],char output_key[ PASSWORD_SIZE ],const char * input_key,uint32_t input_key_length ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:156:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static void _get_iv_from_wallet_header( char iv[ IV_SIZE ],int fd ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:158:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static void _get_salt_from_wallet_header( char salt[ SALT_SIZE ],int fd ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:160:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static void _get_volume_info( char buffer[ MAGIC_STRING_BUFFER_SIZE + BLOCK_SIZE ],int fd ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:164:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static void _create_magic_string_header( char magic_string[ MAGIC_STRING_BUFFER_SIZE ] ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:204:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( first,str,sizeof( uint32_t ) ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:205:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( second,str + sizeof( uint32_t ),sizeof( uint32_t ) ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:284:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path[ PATH_MAX ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:285:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iv[ IV_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:286:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[ PASSWORD_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:287:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char salt[ SALT_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:288:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ MAGIC_STRING_BUFFER_SIZE + BLOCK_SIZE ] = { '\0' } ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:313:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fd = open( path,O_WRONLY|O_CREAT,0600 ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:347:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iv[ IV_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:348:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[ PASSWORD_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:349:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char salt[ SALT_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:350:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ MAGIC_STRING_BUFFER_SIZE + BLOCK_SIZE ] = { '\0' } ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:351:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char file_buffer[ FILE_BLOCK_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:374:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_dest = open( destination,O_WRONLY|O_CREAT,0600 ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:378:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_src = open( source,O_RDONLY ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:397:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( buffer + MAGIC_STRING_BUFFER_SIZE,&size,sizeof( uint64_t ) ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:440:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[ PASSWORD_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:450:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( wallet->key,key,PASSWORD_SIZE ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:479:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iv[ IV_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ MAGIC_STRING_BUFFER_SIZE + BLOCK_SIZE ] = { '\0' } ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:531:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_buffer[ FILE_BLOCK_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:560:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_src = open( source,O_RDONLY ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:573:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_dest = open( destination,O_WRONLY|O_CREAT,0600 ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:630:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[ PATH_MAX ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:640:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open( path,O_RDONLY ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:661:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( w->wallet_name,wallet_name,len + 1 ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:671:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( w->application_name,application_name,len + 1 ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:698:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ MAGIC_STRING_BUFFER_SIZE + BLOCK_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:775:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[ MAGIC_STRING_BUFFER_SIZE + BLOCK_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:909:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( e,&key_size,sizeof( uint32_t ) ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:910:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( e + sizeof( uint32_t ),&key_value_length,sizeof( uint32_t ) ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:911:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( e + NODE_HEADER_SIZE,key,key_size ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:912:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( e + NODE_HEADER_SIZE + key_size,value,key_value_length ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1046:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[ PATH_MAX ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1078:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char iv[ IV_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1079:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[ PATH_MAX ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1080:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path_1[ PATH_MAX + 16 ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1081:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ MAGIC_STRING_BUFFER_SIZE + BLOCK_SIZE ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1124:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( buffer + MAGIC_STRING_BUFFER_SIZE,&wallet->wallet_data_size,sizeof( uint64_t ) ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1125:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( buffer + MAGIC_STRING_BUFFER_SIZE + sizeof( uint64_t ),&wallet->wallet_data_entry_count,sizeof( uint64_t ) ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1139:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open( path_1,O_WRONLY|O_CREAT,0600 ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1163:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open( path_1,O_WRONLY|O_CREAT,0600 ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1184:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[ PATH_MAX ] ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1217:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( e,entry->d_name,len ) ; data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char path[ PATH_MAX ] ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1266:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path_1[ PATH_MAX - 16 ] ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1274:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[ PATH_MAX ] ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1309:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( output_key,digest,output_key_size ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1321:40: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static gcry_error_t _create_key( const char salt[ SALT_SIZE ],
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1322:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_key[ PASSWORD_SIZE ],const char * input_key,uint32_t input_key_length )
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1324:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_key[ PASSWORD_SIZE ] ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1335:41: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static void _get_iv_from_wallet_header( char iv[ IV_SIZE ],int fd )
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1341:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static void _get_salt_from_wallet_header( char salt[ SALT_SIZE ],int fd )
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1347:31: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static void _get_volume_info( char buffer[ MAGIC_STRING_BUFFER_SIZE + BLOCK_SIZE ],int fd )
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1356:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &w->wallet_data_size,buffer,sizeof( uint64_t ) ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1357:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &w->wallet_data_entry_count,buffer + sizeof( uint64_t ),sizeof( uint64_t ) ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1363:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open( "/dev/urandom",O_RDONLY ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1377:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static void _create_magic_string_header( char magic_string[ MAGIC_STRING_BUFFER_SIZE ] )
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1383:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( magic_string,MAGIC_STRING,MAGIC_STRING_SIZE ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1387:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( magic_string + MAGIC_STRING_SIZE,&version,sizeof( uint16_t ) ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1393:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &version,buffer + MAGIC_STRING_SIZE,sizeof( uint16_t ) ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1403:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &version,buffer + MAGIC_STRING_SIZE,sizeof( uint16_t ) ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/libsecret.c:81:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  e = atoi(c);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/libsecret.c:103:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  e = atoi(c);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/libsecret.c:199:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wallet_size[ BUFFER_SIZE ];
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/libsecret.c:284:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wallet_size[ BUFFER_SIZE ];
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_internal_wallet.cpp:83:36: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool LXQt::Wallet::internalWallet::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_internal_wallet.cpp:89:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  this->open(walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_internal_wallet.cpp:101:36: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void LXQt::Wallet::internalWallet::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_internal_wallet.cpp:413:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[ 4096 ];
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_internal_wallet.h:66:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_internal_wallet.h:73:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_kwallet.cpp:58:29: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool LXQt::Wallet::kwallet::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_kwallet.cpp:66:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  this->open(walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_kwallet.cpp:95:29: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void LXQt::Wallet::kwallet::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_kwallet.h:57:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_kwallet.h:64:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_libsecret.cpp:89:31: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool LXQt::Wallet::libsecret::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_libsecret.cpp:96:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  this->open(walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_libsecret.cpp:106:31: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void LXQt::Wallet::libsecret::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_libsecret.h:57:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_libsecret.h:64:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_osx_keychain.cpp:62:33: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void LXQt::Wallet::osxKeyChain::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_osx_keychain.cpp:80:33: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool LXQt::Wallet::osxKeyChain::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_osx_keychain.h:57:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_osx_keychain.h:64:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_wallet.cpp:227:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[4096];
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_wallet.h:229:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  virtual void open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_wallet.h:236:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  virtual bool open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_wallet.h:343:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_wallet->open("test", "test", [this](bool walletIsOpen)
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:218:35: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool LXQt::Wallet::windows_dpapi::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:233:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  this->open(walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:245:35: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void LXQt::Wallet::windows_dpapi::open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:381:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  std::memcpy(&test, data, int_size);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:392:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  std::memcpy(&s, data + int_size, int_size);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:407:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  std::memcpy(&keySize, data, int_size);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:408:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  std::memcpy(&valueSize, data + int_size, int_size);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:426:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[2 * int_size];
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:428:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  std::memcpy(buffer, &TEST_VALUE, int_size);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:432:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  std::memcpy(buffer + int_size, &s, int_size);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:440:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[header_size];
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:450:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  std::memcpy(buffer, &keySize, int_size);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:451:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  std::memcpy(buffer + int_size, &valueSize, int_size);
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.h:58:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(const QString &walletName,
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.h:65:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(const QString &walletName,
data/sirikali-1.4.7/src/crypto.cpp:70:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( file.open( QIODevice::ReadOnly ) ){
data/sirikali-1.4.7/src/engines/custom.cpp:128:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( file.open( QIODevice::ReadOnly ) ){
data/sirikali-1.4.7/src/favorites2.cpp:808:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_wallet.open( [ this ](){
data/sirikali-1.4.7/src/favorites2.h:135:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open( Args&& ... args )
data/sirikali-1.4.7/src/favorites2.h:137:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_w->wallet.open( std::forward< Args >( args ) ... ) ;
data/sirikali-1.4.7/src/json_parser.hpp:256:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( file.open( QIODevice::WriteOnly ) ){
data/sirikali-1.4.7/src/json_parser.hpp:327:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( !f.open( QIODevice::ReadOnly ) ){
data/sirikali-1.4.7/src/keydialog.cpp:1429:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return w.open( [](){ return true ; } ) ;
data/sirikali-1.4.7/src/keydialog.h:367:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( s->open( walletName,appName ) ){
data/sirikali-1.4.7/src/mountinfo.cpp:351:5: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  s.open( QIODevice::ReadOnly ) ;
data/sirikali-1.4.7/src/secrets.cpp:129:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  w.opened = m_wallet->open( wlt.walletName( s ),wlt.applicationName() ) ;
data/sirikali-1.4.7/src/secrets.h:84:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  auto m = m_wallet->open( s.walletName,s.appName ) ;
data/sirikali-1.4.7/src/secrets.h:98:54: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  utility2::result< std::result_of_t< Function() > > open( Function&& function )
data/sirikali-1.4.7/src/secrets.h:103:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open()
data/sirikali-1.4.7/src/secrets.h:109:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open( Opened&& o,Before&& b,After&& a )
data/sirikali-1.4.7/src/secrets.h:126:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_wallet->open( s.walletName,s.appName,std::move( a ) ) ;
data/sirikali-1.4.7/src/secrets.h:131:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open( Opened&& ofunction,After&& afunction )
data/sirikali-1.4.7/src/secrets.h:133:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  this->open( std::move( ofunction ),[](){},std::move( afunction ) ) ;
data/sirikali-1.4.7/src/sirikali.cpp:725:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m.open( [ & ](){
data/sirikali-1.4.7/src/sirikali.cpp:1199:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( !m.open() ){
data/sirikali-1.4.7/src/sirikali.cpp:1648:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if( wallet.open() ){
data/sirikali-1.4.7/src/siripolkit/zulupolkit.cpp:106:5: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f.open( QIODevice::WriteOnly ) ;
data/sirikali-1.4.7/src/utility.cpp:1068:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m[ 3 ] = { 'Z',':','\0' } ;
data/sirikali-1.4.7/src/utility.cpp:1129:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m[ 3 ] = { 'G',':','\0' } ;
data/sirikali-1.4.7/src/utility.h:504:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open( QIODevice::ReadOnly ) ;
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:4474:21: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return std::fgetc(m_file);
data/sirikali-1.4.7/src/3rdParty/json/nlohmann/json.hpp:4835:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  auto length = std::strlen(reinterpret_cast<const char*>(b));
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:145:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if( read( x,y,z ) ){}
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:411:13: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  k = (int)read( fd_src,file_buffer,FILE_BLOCK_SIZE ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:654:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( wallet_name ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:664:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( application_name ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1211:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = ( uint32_t )( strlen( entry->d_name ) - strlen( WALLET_EXTENSION ) ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.c:1211:49: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = ( uint32_t )( strlen( entry->d_name ) - strlen( WALLET_EXTENSION ) ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:273:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_create( f,strlen( f ),wallet_name,application_name ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:285:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_open( &wallet,f,strlen( f ),wallet_name,application_name ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:297:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_add_key( wallet,f,strlen( f ) + 1,z,strlen( z ) + 1 ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:297:56: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_add_key( wallet,f,strlen( f ) + 1,z,strlen( z ) + 1 ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:311:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_open( &wallet,f,strlen( f ),wallet_name,application_name ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:322:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( lxqt_wallet_read_key_value( wallet,f,strlen( f ) + 1,&value ) ){
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:340:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_open( &wallet,f,strlen( f ),wallet_name,application_name ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:369:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_open( &wallet,f,strlen( f ),wallet_name,application_name ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:374:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_delete_key( wallet,f,strlen( f ) + 1 ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:393:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_open( &wallet,f,strlen( f ),wallet_name,application_name ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:398:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_change_wallet_password( wallet,f,strlen( f ) ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:417:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = lxqt_wallet_open( &wallet,f,strlen( f ),wallet_name,application_name ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:422:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( lxqt_wallet_wallet_has_value( wallet,f,strlen( f ) + 1,&value ) ){
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/backend/lxqtwallet.h:445:78: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  printf( "%d\n",lxqt_wallet_volume_version( wallet_name,application_name,f,strlen( f ) ) ) ;
data/sirikali-1.4.7/src/3rdParty/lxqt_wallet/frontend/lxqt_windows_dpapi.cpp:92:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  static_cast<ULONG>(strlen(ss)),
data/sirikali-1.4.7/src/engines.h:116:48: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  enum class Operator{ less,lessOrEqual,equal,notEqual,greater,greaterOrEqual } ;
data/sirikali-1.4.7/src/engines.h:137:46: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  case engines::version::Operator::equal : return a == b ;
[Reviewer note: in the excerpts for engines.h:116 and engines.h:137, "equal" is an enumerator of Operator, not a call to std::equal. No iterator is involved, so these two hits are name-match false positives.]
data/sirikali-1.4.7/src/mountinfo.h:242:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto s = read( m_inotify_fd,buffer.data(),buffer.size() ) ;
data/sirikali-1.4.7/src/siripolkit/zulupolkit.cpp:102:17: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  for( decltype( umask( 0 ) ) i = 0 ; i < 1000 ; i++ ){
data/sirikali-1.4.7/src/siripolkit/zulupolkit.cpp:104:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask( i ) ;
data/sirikali-1.4.7/src/siripolkit/zulupolkit.cpp:151:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  auto s = umask( 0 ) ;
data/sirikali-1.4.7/src/siripolkit/zulupolkit.cpp:157:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask( s ) ;
[Reviewer note: at zulupolkit.cpp:102, umask( 0 ) is the operand of decltype, which is never evaluated, so that line does not change the process umask. The calls at lines 104, 151 and 157 are the ones to review. For 151/157, check which files or sockets are created between clearing the mask and restoring it, and whether each is created with an explicit restrictive mode.]
data/sirikali-1.4.7/src/siripolkit/zulupolkit.cpp:260:12: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  e = std::getchar() ;
data/sirikali-1.4.7/src/systemsignalhandler.cpp:101:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ::read( sighupFd[ 1 ],&tmp,sizeof( tmp ) ) ;
data/sirikali-1.4.7/src/systemsignalhandler.cpp:120:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ::read( sighupFd[ 1 ],&tmp,sizeof( tmp ) ) ;
data/sirikali-1.4.7/src/utility.cpp:944:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  e = std::getchar() ;
data/sirikali-1.4.7/src/utility.cpp:975:13: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  e = std::getchar() ;

ANALYSIS SUMMARY:

Hits = 192
Lines analyzed = 58556 in approximately 1.28 seconds (45881 lines/second)
Physical Source Lines of Code (SLOC) = 36904
Hits@level = [0] 14 [1] 35 [2] 143 [3] 0 [4] 9 [5] 5
Hits@level+ = [0+] 206 [1+] 192 [2+] 157 [3+] 14 [4+] 14 [5+] 5
Hits/KSLOC@level+ = [0+] 5.58205 [1+] 5.20269 [2+] 4.25428 [3+] 0.379363 [4+] 0.379363 [5+] 0.135487
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.