Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/theli-3.0.3/src/instrumentdefinition.h
Examining data/theli-3.0.3/src/preferences.h
Examining data/theli-3.0.3/src/tasks.cc
Examining data/theli-3.0.3/src/datamodel/datamodel.cc
Examining data/theli-3.0.3/src/datamodel/datamodel.h
Examining data/theli-3.0.3/src/imagestatistics/imagestatistics.h
Examining data/theli-3.0.3/src/imagestatistics/imagestatistics_plotting.cc
Examining data/theli-3.0.3/src/imagestatistics/imagestatistics_events.cc
Examining data/theli-3.0.3/src/imagestatistics/imagestatistics.cc
Examining data/theli-3.0.3/src/processingInternal/processingCreateSourceCat.cc
Examining data/theli-3.0.3/src/processingInternal/processingSkysub.cc
Examining data/theli-3.0.3/src/processingInternal/data.h
Examining data/theli-3.0.3/src/processingInternal/processingBackground.cc
Examining data/theli-3.0.3/src/processingInternal/processingSplitter.cc
Examining data/theli-3.0.3/src/processingInternal/controller.h
Examining data/theli-3.0.3/src/processingInternal/processingAncillary.cc
Examining data/theli-3.0.3/src/processingInternal/data.cc
Examining data/theli-3.0.3/src/processingInternal/processingAstrometry.cc
Examining data/theli-3.0.3/src/processingInternal/controller.cc
Examining data/theli-3.0.3/src/processingInternal/displayconfig.cc
Examining data/theli-3.0.3/src/processingInternal/photinst.h
Examining data/theli-3.0.3/src/processingInternal/mask.cc
Examining data/theli-3.0.3/src/processingInternal/processingCoadd.cc
Examining data/theli-3.0.3/src/processingInternal/processingWeight.cc
Examining data/theli-3.0.3/src/processingInternal/photinst.cc
Examining data/theli-3.0.3/src/processingInternal/processingCalibration.cc
Examining data/theli-3.0.3/src/processingInternal/mask.h
Examining data/theli-3.0.3/src/processingInternal/dictionaries.cc
Examining data/theli-3.0.3/src/processingInternal/processingCollapse.cc
Examining data/theli-3.0.3/src/mainwindow.h
Examining data/theli-3.0.3/src/deepmessages.cc
Examining data/theli-3.0.3/src/consistencychecks.cc
Examining data/theli-3.0.3/src/datadir.cc
Examining data/theli-3.0.3/src/query/query.h
Examining data/theli-3.0.3/src/query/query.cc
Examining data/theli-3.0.3/src/colorpicture/colorpicture.cc
Examining data/theli-3.0.3/src/colorpicture/subtaskfits2tiff.cc
Examining data/theli-3.0.3/src/colorpicture/subtaskbbnb.cc
Examining data/theli-3.0.3/src/colorpicture/refcatdata.h
Examining data/theli-3.0.3/src/colorpicture/refcatdata.cc
Examining data/theli-3.0.3/src/colorpicture/colorpicture.h
Examining data/theli-3.0.3/src/colorpicture/subtaskColorcalib.cc
Examining data/theli-3.0.3/src/colorpicture/subtaskCropcoadd.cc
Examining data/theli-3.0.3/src/main.cc
Examining data/theli-3.0.3/src/dockwidgets/validate_confdock.cc
Examining data/theli-3.0.3/src/dockwidgets/confdockwidget.cc
Examining data/theli-3.0.3/src/dockwidgets/monitor.cc
Examining data/theli-3.0.3/src/dockwidgets/monitor.h
Examining data/theli-3.0.3/src/dockwidgets/confdockwidget.h
Examining data/theli-3.0.3/src/dockwidgets/memoryviewer.cc
Examining data/theli-3.0.3/src/dockwidgets/defaults.cc
Examining data/theli-3.0.3/src/dockwidgets/memoryviewer.h
Examining data/theli-3.0.3/src/processingExternal/errordialog.h
Examining data/theli-3.0.3/src/processingExternal/errordialog.cc
Examining data/theli-3.0.3/src/threading/worker.cc
Examining data/theli-3.0.3/src/threading/scampworker.cc
Examining data/theli-3.0.3/src/threading/colorpictureworker.cc
Examining data/theli-3.0.3/src/threading/mainguiworker.h
Examining data/theli-3.0.3/src/threading/worker.h
Examining data/theli-3.0.3/src/threading/mainguiworker.cc
Examining data/theli-3.0.3/src/threading/swarpworker.cc
Examining data/theli-3.0.3/src/threading/abszpworker.cc
Examining data/theli-3.0.3/src/threading/anetworker.h
Examining data/theli-3.0.3/src/threading/sourceextractorworker.cc
Examining data/theli-3.0.3/src/threading/anetworker.cc
Examining data/theli-3.0.3/src/threading/abszpworker.h
Examining data/theli-3.0.3/src/threading/swarpworker.h
Examining data/theli-3.0.3/src/threading/colorpictureworker.h
Examining data/theli-3.0.3/src/threading/sourceextractorworker.h
Examining data/theli-3.0.3/src/threading/memoryworker.cc
Examining data/theli-3.0.3/src/threading/scampworker.h
Examining data/theli-3.0.3/src/threading/memoryworker.h
Examining data/theli-3.0.3/src/taskinfrastructure.cc
Examining data/theli-3.0.3/src/tools/cpu.cc
Examining data/theli-3.0.3/src/tools/swarpfilter.h
Examining data/theli-3.0.3/src/tools/polygon.cc
Examining data/theli-3.0.3/src/tools/fitgauss1d.cc
Examining data/theli-3.0.3/src/tools/imagequality.h
Examining data/theli-3.0.3/src/tools/splitter_processingGeneric.cc
Examining data/theli-3.0.3/src/tools/debayer.cc
Examining data/theli-3.0.3/src/tools/polygon.h
Examining data/theli-3.0.3/src/tools/cfitsioerrorcodes.cc
Examining data/theli-3.0.3/src/tools/splitter_buildHeader.cc
Examining data/theli-3.0.3/src/tools/splitter_queryHeaderLists.cc
Examining data/theli-3.0.3/src/tools/cpu.h
Examining data/theli-3.0.3/src/tools/imagequality.cc
Examining data/theli-3.0.3/src/tools/splitter.h
Examining data/theli-3.0.3/src/tools/tools.cc
Examining data/theli-3.0.3/src/tools/correlator.h
Examining data/theli-3.0.3/src/tools/cfitsioerrorcodes.h
Examining data/theli-3.0.3/src/tools/fitting.h
Examining data/theli-3.0.3/src/tools/swarpfilter.cc
Examining data/theli-3.0.3/src/tools/detectedobject.h
Examining data/theli-3.0.3/src/tools/ram.cc
Examining data/theli-3.0.3/src/tools/ram.h
Examining data/theli-3.0.3/src/tools/detectedobject.cc
Examining data/theli-3.0.3/src/tools/splitter.cc
Examining data/theli-3.0.3/src/tools/correlator.cc
Examining data/theli-3.0.3/src/tools/fitgauss1d.h
Examining data/theli-3.0.3/src/tools/fileprogresscounter.cc
Examining data/theli-3.0.3/src/tools/fileprogresscounter.h
Examining data/theli-3.0.3/src/tools/splitter_multiport.cc
Examining data/theli-3.0.3/src/tools/splitter_processingSpecific.cc
Examining data/theli-3.0.3/src/tools/xcorr.cc
Examining data/theli-3.0.3/src/tools/fitting.cc
Examining data/theli-3.0.3/src/tools/splitter_RAW.cc
Examining data/theli-3.0.3/src/tools/tools.h
Examining data/theli-3.0.3/src/readmes/imstatsreadme.h
Examining data/theli-3.0.3/src/readmes/multidirreadme.cc
Examining data/theli-3.0.3/src/readmes/multidirreadme.h
Examining data/theli-3.0.3/src/readmes/acknowledging.cc
Examining data/theli-3.0.3/src/readmes/scampreadme.h
Examining data/theli-3.0.3/src/readmes/swarpreadme.h
Examining data/theli-3.0.3/src/readmes/acknowledging.h
Examining data/theli-3.0.3/src/readmes/imstatsreadme.cc
Examining data/theli-3.0.3/src/readmes/swarpreadme.cc
Examining data/theli-3.0.3/src/readmes/license.h
Examining data/theli-3.0.3/src/readmes/license.cc
Examining data/theli-3.0.3/src/readmes/scampreadme.cc
Examining data/theli-3.0.3/src/myimage/weighting.cc
Examining data/theli-3.0.3/src/myimage/background.cc
Examining data/theli-3.0.3/src/myimage/skysub.cc
Examining data/theli-3.0.3/src/myimage/writefits.cc
Examining data/theli-3.0.3/src/myimage/fitsinterface.cc
Examining data/theli-3.0.3/src/myimage/tifftools.cc
Examining data/theli-3.0.3/src/myimage/myimage.cc
Examining data/theli-3.0.3/src/myimage/astrometrynet.cc
Examining data/theli-3.0.3/src/myimage/memoryoperations.cc
Examining data/theli-3.0.3/src/myimage/myimage.h
Examining data/theli-3.0.3/src/myimage/sourceextractor.cc
Examining data/theli-3.0.3/src/myimage/segmentation.cc
Examining data/theli-3.0.3/src/status.h
Examining data/theli-3.0.3/src/status.cc
Examining data/theli-3.0.3/src/instrumentdata.h
Examining data/theli-3.0.3/src/abszp/absphot.cc
Examining data/theli-3.0.3/src/abszp/abszeropoint.cc
Examining data/theli-3.0.3/src/abszp/absphot.h
Examining data/theli-3.0.3/src/abszp/abszeropoint.h
Examining data/theli-3.0.3/src/validators.cc
Examining data/theli-3.0.3/src/settings.cc
Examining data/theli-3.0.3/src/processingStatus/processingStatus.h
Examining data/theli-3.0.3/src/processingStatus/processingStatus.cc
Examining data/theli-3.0.3/src/datadir.h
Examining data/theli-3.0.3/src/preferences.cc
Examining data/theli-3.0.3/src/mainwindow.cc
Examining data/theli-3.0.3/src/instrumentdefinition.cc
Examining data/theli-3.0.3/src/functions.cc
Examining data/theli-3.0.3/src/functions.h
Examining data/theli-3.0.3/src/iview/iview.h
Examining data/theli-3.0.3/src/iview/wavelet/wavelet.h
Examining data/theli-3.0.3/src/iview/mygraphicsscene.cc
Examining data/theli-3.0.3/src/iview/mygraphicsview.h
Examining data/theli-3.0.3/src/iview/events.cc
Examining data/theli-3.0.3/src/iview/dockwidgets/ivconfdockwidget.cc
Examining data/theli-3.0.3/src/iview/dockwidgets/ivcolordockwidget.h
Examining data/theli-3.0.3/src/iview/dockwidgets/ivwcsdockwidget.cc
Examining data/theli-3.0.3/src/iview/dockwidgets/ivwcsdockwidget.h
Examining data/theli-3.0.3/src/iview/dockwidgets/ivcolordockwidget.cc
Examining data/theli-3.0.3/src/iview/dockwidgets/ivscampdockwidget.cc
Examining data/theli-3.0.3/src/iview/dockwidgets/ivconfdockwidget.h
Examining data/theli-3.0.3/src/iview/dockwidgets/ivscampdockwidget.h
Examining data/theli-3.0.3/src/iview/mygraphicsscene.h
Examining data/theli-3.0.3/src/iview/constructors.cc
Examining data/theli-3.0.3/src/iview/mygraphicsellipseitem.cc
Examining data/theli-3.0.3/src/iview/iview.cc
Examining data/theli-3.0.3/src/iview/actions.cc
Examining data/theli-3.0.3/src/iview/mygraphicsview.cc
Examining data/theli-3.0.3/src/iview/mygraphicsellipseitem.h
Examining data/theli-3.0.3/src/qcustomplot.h
Examining data/theli-3.0.3/src/qcustomplot.cpp
FINAL RESULTS:
data/theli-3.0.3/src/colorpicture/colorpicture.cc:437:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/colorpicture/subtaskColorcalib.cc:292:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !outcat_iview.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/dockwidgets/confdockwidget.cc:640:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( header.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/dockwidgets/confdockwidget.cc:1162:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!coeffsFile.exists() || !coeffsFile.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/dockwidgets/memoryviewer.cc:58:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QFile::ReadOnly);
data/theli-3.0.3/src/functions.cc:61:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!file->open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/functions.cc:1380:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/instrumentdefinition.cc:339:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (configfile.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/instrumentdefinition.cc:475:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( instrumentFile.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/iview/events.cc:616:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (skysamples.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/iview/iview.cc:764:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( catalog.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/iview/iview.cc:903:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/mainwindow.cc:572:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QFile::ReadOnly);
data/theli-3.0.3/src/mainwindow.cc:925:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !instDataFile.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/myimage/astrometrynet.cc:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[FLEN_CARD];
data/theli-3.0.3/src/myimage/fitsinterface.cc:39:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filterchar[80];
data/theli-3.0.3/src/myimage/myimage.cc:326:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/myimage/myimage.cc:335:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/myimage/myimage.cc:412:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!file.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/myimage/myimage.cc:423:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char card[FLEN_CARD];
data/theli-3.0.3/src/myimage/myimage.cc:985:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zerohead[80] = {0};
data/theli-3.0.3/src/myimage/segmentation.cc:441:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xwinName[100] = "XWIN_IMAGE";
data/theli-3.0.3/src/myimage/segmentation.cc:442:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ywinName[100] = "YWIN_IMAGE";
data/theli-3.0.3/src/myimage/segmentation.cc:443:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alphaName[100] = "ALPHA_J2000";
data/theli-3.0.3/src/myimage/segmentation.cc:444:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deltaName[100] = "DELTA_J2000";
data/theli-3.0.3/src/myimage/segmentation.cc:445:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fwhmName[100] = "FWHM_IMAGE";
data/theli-3.0.3/src/myimage/segmentation.cc:446:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ellName[100] = "ELLIPTICITY";
data/theli-3.0.3/src/myimage/segmentation.cc:447:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magName[100] = "MAG_AUTO";
data/theli-3.0.3/src/myimage/segmentation.cc:448:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flagName[100] = "FLAGS";
data/theli-3.0.3/src/myimage/segmentation.cc:627:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/myimage/segmentation.cc:647:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100] = "X";
data/theli-3.0.3/src/myimage/segmentation.cc:648:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char y[100] = "Y";
data/theli-3.0.3/src/myimage/segmentation.cc:649:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mag[100] = "MAG";
data/theli-3.0.3/src/myimage/segmentation.cc:650:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ttype[3] = {x, y, mag};
data/theli-3.0.3/src/myimage/segmentation.cc:651:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf1[10] = "1D";
data/theli-3.0.3/src/myimage/segmentation.cc:652:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf2[10] = "1D";
data/theli-3.0.3/src/myimage/segmentation.cc:653:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf3[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:654:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tform[3] = {tf1, tf2, tf3};
data/theli-3.0.3/src/myimage/segmentation.cc:723:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100] = "Field Header Card";
data/theli-3.0.3/src/myimage/segmentation.cc:724:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ttype1[1] = {name};
data/theli-3.0.3/src/myimage/segmentation.cc:739:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf0[100];
data/theli-3.0.3/src/myimage/segmentation.cc:740:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tf0, "%ldA", headerLength);
data/theli-3.0.3/src/myimage/segmentation.cc:741:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tform1[1] = {tf0};
data/theli-3.0.3/src/myimage/segmentation.cc:742:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *headerstring[1];
data/theli-3.0.3/src/myimage/segmentation.cc:748:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xwin[100] = "XWIN_IMAGE";
data/theli-3.0.3/src/myimage/segmentation.cc:749:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ywin[100] = "YWIN_IMAGE";
data/theli-3.0.3/src/myimage/segmentation.cc:750:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char erra[100] = "ERRAWIN_IMAGE";
data/theli-3.0.3/src/myimage/segmentation.cc:751:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errb[100] = "ERRBWIN_IMAGE";
data/theli-3.0.3/src/myimage/segmentation.cc:752:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errt[100] = "ERRTHETAWIN_IMAGE";
data/theli-3.0.3/src/myimage/segmentation.cc:753:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flux[100] = "FLUX_AUTO";
data/theli-3.0.3/src/myimage/segmentation.cc:754:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fluxerr[100] = "FLUXERR_AUTO";
data/theli-3.0.3/src/myimage/segmentation.cc:755:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags[100] = "FLAGS";
data/theli-3.0.3/src/myimage/segmentation.cc:756:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alpha[100] = "ALPHA_J2000";
data/theli-3.0.3/src/myimage/segmentation.cc:757:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delta[100] = "DELTA_J2000";
data/theli-3.0.3/src/myimage/segmentation.cc:758:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fwhm[100] = "FWHM_IMAGE";
data/theli-3.0.3/src/myimage/segmentation.cc:759:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mag[100] = "MAG_AUTO";
data/theli-3.0.3/src/myimage/segmentation.cc:760:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ell[100] = "ELLIPTICITY";
data/theli-3.0.3/src/myimage/segmentation.cc:761:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ttype2[13] = {xwin, ywin, erra, errb, errt, flux, fluxerr, flags, alpha, delta, fwhm, mag, ell};
data/theli-3.0.3/src/myimage/segmentation.cc:763:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf1[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:764:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf2[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:765:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf3[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:766:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf4[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:767:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf5[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:768:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf6[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:769:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf7[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:770:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf8[10] = "1I";
data/theli-3.0.3/src/myimage/segmentation.cc:771:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf9[10] = "1D";
data/theli-3.0.3/src/myimage/segmentation.cc:772:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf10[10] = "1D";
data/theli-3.0.3/src/myimage/segmentation.cc:773:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf11[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:774:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf12[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf13[10] = "1E";
data/theli-3.0.3/src/myimage/segmentation.cc:776:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tform2[13] = {tf1, tf2, tf3, tf4, tf5, tf6, tf7, tf8, tf9, tf10, tf11, tf12, tf13};
data/theli-3.0.3/src/myimage/sourceextractor.cc:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tblname[100] = "LDAC_OBJECTS";
data/theli-3.0.3/src/myimage/sourceextractor.cc:137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tblname[100] = "LDAC_OBJECTS";
data/theli-3.0.3/src/myimage/sourceextractor.cc:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fwhmName[100] = "FWHM_IMAGE";
data/theli-3.0.3/src/myimage/sourceextractor.cc:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ellName[100] = "ELLIPTICITY";
data/theli-3.0.3/src/myimage/sourceextractor.cc:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tblname[100] = "LDAC_OBJECTS";
data/theli-3.0.3/src/myimage/sourceextractor.cc:202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xwinName[100] = "XWIN_IMAGE";
data/theli-3.0.3/src/myimage/sourceextractor.cc:203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ywinName[100] = "YWIN_IMAGE";
data/theli-3.0.3/src/myimage/sourceextractor.cc:204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char awinName[100] = "AWIN_IMAGE";
data/theli-3.0.3/src/myimage/sourceextractor.cc:205:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bwinName[100] = "BWIN_IMAGE";
data/theli-3.0.3/src/myimage/sourceextractor.cc:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thetawinName[100] = "THETAWIN_IMAGE";
data/theli-3.0.3/src/myimage/sourceextractor.cc:232:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/myimage/sourceextractor.cc:282:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100] = "X";
data/theli-3.0.3/src/myimage/sourceextractor.cc:283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char y[100] = "Y";
data/theli-3.0.3/src/myimage/sourceextractor.cc:284:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mag[100] = "MAG";
data/theli-3.0.3/src/myimage/sourceextractor.cc:285:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ttype[3] = {x, y, mag};
data/theli-3.0.3/src/myimage/sourceextractor.cc:286:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf1[10] = "1D";
data/theli-3.0.3/src/myimage/sourceextractor.cc:287:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf2[10] = "1D";
data/theli-3.0.3/src/myimage/sourceextractor.cc:288:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf3[10] = "1E";
data/theli-3.0.3/src/myimage/sourceextractor.cc:289:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tform[3] = {tf1, tf2, tf3};
data/theli-3.0.3/src/myimage/sourceextractor.cc:300:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xName[100] = "XWIN_IMAGE";
data/theli-3.0.3/src/myimage/sourceextractor.cc:301:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yName[100] = "YWIN_IMAGE";
data/theli-3.0.3/src/myimage/sourceextractor.cc:302:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magName[100] = "MAG_AUTO";
data/theli-3.0.3/src/processingInternal/controller.cc:807:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !coeffsFile.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingInternal/processingAncillary.cc:206:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !file.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingAstrometry.cc:180:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!MEF.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingInternal/processingAstrometry.cc:223:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!MEF.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingInternal/processingAstrometry.cc:308:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!MEF.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingInternal/processingAstrometry.cc:321:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !HEAD.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingAstrometry.cc:498:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !backendConfig.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingAstrometry.cc:560:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !aheaderFile.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingAstrometry.cc:757:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !catFile.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingAstrometry.cc:814:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !aheadFile.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingAstrometry.cc:887:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingInternal/processingCoadd.cc:416:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !headerFileOld.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingInternal/processingCoadd.cc:425:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !headerFileNew.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingCoadd.cc:470:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!coaddHeadOld.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingInternal/processingCoadd.cc:529:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!coaddHeadNew.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingCoadd.cc:698:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingCoadd.cc:862:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingCoadd.cc:915:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!coaddHead.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingInternal/processingCoadd.cc:1127:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileIn.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingInternal/processingCoadd.cc:1134:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileOut.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingInternal/processingSplitter.cc:175:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filterChip1[80];
data/theli-3.0.3/src/processingInternal/processingSplitter.cc:176:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dateObsChip1[80];
data/theli-3.0.3/src/processingInternal/processingSplitter.cc:340:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !altInstDataFile.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/processingStatus/processingStatus.cc:46:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !file.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/processingStatus/processingStatus.cc:74:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(!file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/qcustomplot.cpp:19881:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pixels.at(y), pixels.first(), n*sizeof(QRgb));
data/theli-3.0.3/src/qcustomplot.cpp:25108:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mData, other.mData, sizeof(mData[0])*keySize*valueSize);
data/theli-3.0.3/src/qcustomplot.cpp:25110:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mAlpha, other.mAlpha, sizeof(mAlpha[0])*keySize*valueSize);
data/theli-3.0.3/src/qcustomplot.cpp:26214:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(0),
data/theli-3.0.3/src/qcustomplot.cpp:26224:55: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCPFinancialData::QCPFinancialData(double key, double open, double high, double low, double close) :
data/theli-3.0.3/src/qcustomplot.cpp:26226:3: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(open),
data/theli-3.0.3/src/qcustomplot.cpp:26226:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(open),
data/theli-3.0.3/src/qcustomplot.cpp:26357:80: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void QCPFinancial::setData(const QVector<double> &keys, const QVector<double> &open, const QVector<double> &high, const QVector<double> &low, const QVector<double> &close, bool alreadySorted)
data/theli-3.0.3/src/qcustomplot.cpp:26360:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
addData(keys, open, high, low, close, alreadySorted);
data/theli-3.0.3/src/qcustomplot.cpp:26478:80: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void QCPFinancial::addData(const QVector<double> &keys, const QVector<double> &open, const QVector<double> &high, const QVector<double> &low, const QVector<double> &close, bool alreadySorted)
data/theli-3.0.3/src/qcustomplot.cpp:26480:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (keys.size() != open.size() || open.size() != high.size() || high.size() != low.size() || low.size() != close.size() || close.size() != keys.size())
data/theli-3.0.3/src/qcustomplot.cpp:26480:37: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (keys.size() != open.size() || open.size() != high.size() || high.size() != low.size() || low.size() != close.size() || close.size() != keys.size())
data/theli-3.0.3/src/qcustomplot.cpp:26481:103: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
qDebug() << Q_FUNC_INFO << "keys, open, high, low, close have different sizes:" << keys.size() << open.size() << high.size() << low.size() << close.size();
data/theli-3.0.3/src/qcustomplot.cpp:26482:40: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int n = qMin(keys.size(), qMin(open.size(), qMin(high.size(), qMin(low.size(), close.size()))));
data/theli-3.0.3/src/qcustomplot.cpp:26490:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
it->open = open[i];
data/theli-3.0.3/src/qcustomplot.cpp:26510:47: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void QCPFinancial::addData(double key, double open, double high, double low, double close)
data/theli-3.0.3/src/qcustomplot.cpp:26512:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mDataContainer->add(QCPFinancialData(key, open, high, low, close));
data/theli-3.0.3/src/qcustomplot.cpp:26767:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->setPen(it->close >= it->open ? mPenPositive : mPenNegative);
data/theli-3.0.3/src/qcustomplot.cpp:26771:54: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
double openPixel = valueAxis->coordToPixel(it->open);
data/theli-3.0.3/src/qcustomplot.cpp:26788:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->setPen(it->close >= it->open ? mPenPositive : mPenNegative);
data/theli-3.0.3/src/qcustomplot.cpp:26792:54: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
double openPixel = valueAxis->coordToPixel(it->open);
data/theli-3.0.3/src/qcustomplot.cpp:26827:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->setPen(it->close >= it->open ? mPenPositive : mPenNegative);
data/theli-3.0.3/src/qcustomplot.cpp:26828:44: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->setBrush(it->close >= it->open ? mBrushPositive : mBrushNegative);
data/theli-3.0.3/src/qcustomplot.cpp:26835:54: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
double openPixel = valueAxis->coordToPixel(it->open);
data/theli-3.0.3/src/qcustomplot.cpp:26838:130: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->drawLine(QPointF(keyPixel, valueAxis->coordToPixel(it->high)), QPointF(keyPixel, valueAxis->coordToPixel(qMax(it->open, it->close))));
data/theli-3.0.3/src/qcustomplot.cpp:26840:129: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->drawLine(QPointF(keyPixel, valueAxis->coordToPixel(it->low)), QPointF(keyPixel, valueAxis->coordToPixel(qMin(it->open, it->close))));
data/theli-3.0.3/src/qcustomplot.cpp:26855:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->setPen(it->close >= it->open ? mPenPositive : mPenNegative);
data/theli-3.0.3/src/qcustomplot.cpp:26856:44: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->setBrush(it->close >= it->open ? mBrushPositive : mBrushNegative);
data/theli-3.0.3/src/qcustomplot.cpp:26863:54: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
double openPixel = valueAxis->coordToPixel(it->open);
data/theli-3.0.3/src/qcustomplot.cpp:26866:120: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->drawLine(QPointF(valueAxis->coordToPixel(it->high), keyPixel), QPointF(valueAxis->coordToPixel(qMax(it->open, it->close)), keyPixel));
data/theli-3.0.3/src/qcustomplot.cpp:26868:119: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
painter->drawLine(QPointF(valueAxis->coordToPixel(it->low), keyPixel), QPointF(valueAxis->coordToPixel(qMin(it->open, it->close)), keyPixel));
data/theli-3.0.3/src/qcustomplot.cpp:26993:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCPRange boxValueRange(it->close, it->open);
data/theli-3.0.3/src/qcustomplot.cpp:27003:186: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
double highLineDistSqr = QCPVector2D(pos).distanceSquaredToLine(QCPVector2D(keyPixel, valueAxis->coordToPixel(it->high)), QCPVector2D(keyPixel, valueAxis->coordToPixel(qMax(it->open, it->close))));
data/theli-3.0.3/src/qcustomplot.cpp:27004:184: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
double lowLineDistSqr = QCPVector2D(pos).distanceSquaredToLine(QCPVector2D(keyPixel, valueAxis->coordToPixel(it->low)), QCPVector2D(keyPixel, valueAxis->coordToPixel(qMin(it->open, it->close))));
data/theli-3.0.3/src/qcustomplot.cpp:27020:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCPRange boxValueRange(it->close, it->open);
data/theli-3.0.3/src/qcustomplot.cpp:27030:176: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
double highLineDistSqr = QCPVector2D(pos).distanceSquaredToLine(QCPVector2D(valueAxis->coordToPixel(it->high), keyPixel), QCPVector2D(valueAxis->coordToPixel(qMax(it->open, it->close)), keyPixel));
data/theli-3.0.3/src/qcustomplot.cpp:27031:174: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
double lowLineDistSqr = QCPVector2D(pos).distanceSquaredToLine(QCPVector2D(valueAxis->coordToPixel(it->low), keyPixel), QCPVector2D(valueAxis->coordToPixel(qMin(it->open, it->close)), keyPixel));
data/theli-3.0.3/src/qcustomplot.h:5831:39: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCPFinancialData(double key, double open, double high, double low, double close);
data/theli-3.0.3/src/qcustomplot.h:5838:44: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inline double mainValue() const { return open; }
data/theli-3.0.3/src/qcustomplot.h:5842:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
double key, open, high, low, close;
data/theli-3.0.3/src/qcustomplot.h:5910:68: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void setData(const QVector<double> &keys, const QVector<double> &open, const QVector<double> &high, const QVector<double> &low, const QVector<double> &close, bool alreadySorted=false);
data/theli-3.0.3/src/qcustomplot.h:5921:68: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void addData(const QVector<double> &keys, const QVector<double> &open, const QVector<double> &high, const QVector<double> &low, const QVector<double> &close, bool alreadySorted=false);
data/theli-3.0.3/src/qcustomplot.h:5922:35: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void addData(double key, double open, double high, double low, double close);
data/theli-3.0.3/src/query/query.cc:549:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !outcat_iview.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/query/query.cc:606:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !outcat_iview.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/query/query.cc:693:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !outcat_iview.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/query/query.cc:742:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !outcat_iview.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/query/query.cc:1155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xworld[100] = "X_WORLD";
data/theli-3.0.3/src/query/query.cc:1156:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yworld[100] = "Y_WORLD";
data/theli-3.0.3/src/query/query.cc:1157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mag[100] = "MAG";
data/theli-3.0.3/src/query/query.cc:1158:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magerr[100] = "MAGERR";
data/theli-3.0.3/src/query/query.cc:1159:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char erra[100] = "ERRA_WORLD";
data/theli-3.0.3/src/query/query.cc:1160:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errb[100] = "ERRB_WORLD";
data/theli-3.0.3/src/query/query.cc:1161:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errt[100] = "ERRTHETA_WORLD"; // scamp does not complain if this key is absent
data/theli-3.0.3/src/query/query.cc:1162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags[100] = "FLAGS";
data/theli-3.0.3/src/query/query.cc:1163:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obsdate[100] = "OBSDATE";
data/theli-3.0.3/src/query/query.cc:1165:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ttype[9] = {xworld, yworld, mag, magerr, erra, errb, errt, flags, obsdate};
data/theli-3.0.3/src/query/query.cc:1167:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf1[10] = "1D";
data/theli-3.0.3/src/query/query.cc:1168:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf2[10] = "1D";
data/theli-3.0.3/src/query/query.cc:1169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf3[10] = "1E";
data/theli-3.0.3/src/query/query.cc:1170:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf4[10] = "1E";
data/theli-3.0.3/src/query/query.cc:1171:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf5[10] = "1E";
data/theli-3.0.3/src/query/query.cc:1172:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf6[10] = "1E";
data/theli-3.0.3/src/query/query.cc:1173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf7[10] = "1E";
data/theli-3.0.3/src/query/query.cc:1174:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf8[10] = "1I";
data/theli-3.0.3/src/query/query.cc:1175:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf9[10] = "1E";
data/theli-3.0.3/src/query/query.cc:1177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tform[9] = {tf1, tf2, tf3, tf4, tf5, tf6, tf7, tf8, tf9};
data/theli-3.0.3/src/query/query.cc:1247:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xworld[100] = "RA";
data/theli-3.0.3/src/query/query.cc:1248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yworld[100] = "DEC";
data/theli-3.0.3/src/query/query.cc:1249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mag[100] = "MAG";
data/theli-3.0.3/src/query/query.cc:1250:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ttype[3] = {xworld, yworld, mag};
data/theli-3.0.3/src/query/query.cc:1251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf1[10] = "1D";
data/theli-3.0.3/src/query/query.cc:1252:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf2[10] = "1D";
data/theli-3.0.3/src/query/query.cc:1253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tf3[10] = "1E";
data/theli-3.0.3/src/query/query.cc:1254:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tform[3] = {tf1, tf2, tf3};
data/theli-3.0.3/src/query/query.cc:1340:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !outcat_iview.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/query/query.cc:1367:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !file.open(QIODevice::WriteOnly)) {
data/theli-3.0.3/src/taskinfrastructure.cc:852:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/taskinfrastructure.cc:1016:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filter[80];
data/theli-3.0.3/src/tools/cpu.cc:44:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/tools/polygon.cc:225:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/tools/polygon.cc:275:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/tools/ram.cc:44:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !file.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/tools/swarpfilter.cc:148:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!coaddHead.open(QIODevice::ReadOnly)) {
data/theli-3.0.3/src/myimage/myimage.cc:451:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long dim = strlen(fullheader);
data/theli-3.0.3/src/myimage/segmentation.cc:738:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
long headerLength = strlen(fullheader);
ANALYSIS SUMMARY:
Hits = 205
Lines analyzed = 91400 in approximately 2.43 seconds (37671 lines/second)
Physical Source Lines of Code (SLOC) = 57840
Hits@level = [0] 0 [1] 2 [2] 203 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 205 [1+] 205 [2+] 203 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 3.54426 [1+] 3.54426 [2+] 3.50968 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.