Comments: 4

I'm afraid that if you feed it a large code listing, you can drown in warnings.
Depends on how big the listing is. Here, for example, is a test run over the sources of the latest qbittorrent version; there aren't all that many warnings.
RATS report
Entries in perl database: 33
Entries in ruby database: 46
Entries in python database: 62
Entries in c database: 334
Entries in php database: 55
Analyzing /ftp/qbittorrent-3.1.11//src/qtnotify/notifications.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/torrentcreator/torrentcreatordlg.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/torrentcreator/torrentcreatorthread.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/torrentcontentmodelfile.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/torrentcontentmodelitem.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/ico.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/loglistwidget.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/dnsupdater.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/messageboxraised.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/statussortfilterproxymodel.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/preferences/options_imp.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/powermanagement/powermanagement.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/powermanagement/powermanagement_x11.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/torrentcontentmodelfolder.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/smtp.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/lineedit/src/lineedit.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/webui/httpresponsegenerator.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/webui/httpserver.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/webui/httpconnection.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/webui/btjson.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/webui/qjson/parser.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/webui/qjson/json_parser.cc
Analyzing /ftp/qbittorrent-3.1.11//src/webui/qjson/json_scanner.cc
Analyzing /ftp/qbittorrent-3.1.11//src/webui/qjson/serializer.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/webui/qjson/json_scanner.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/webui/httprequestparser.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/webui/prefjson.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/programupdater.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/main.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qmacapplication.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/iconprovider.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/downloadthread.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/executionlog.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/torrentcontentfiltermodel.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/update_qrc_files.py
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rss_imp.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rssfeed.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rssfolder.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rsssettingsdlg.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rssdownloadrule.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rssarticle.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rssfile.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rssparser.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/automatedrssdownloader.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/feedlistwidget.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rssmanager.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/cookiesdlg.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/rss/rssdownloadrulelist.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtlibtorrent/shutdownconfirm.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtlibtorrent/torrentspeedmonitor.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtlibtorrent/qtorrenthandle.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtlibtorrent/torrentmodel.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtlibtorrent/qbtsession.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/torrentimportdlg.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/sessionapplication.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/torrentcontentmodel.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/previewselect.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/statsdialog.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/mainwindow.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtsingleapp/qtsinglecoreapplication.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtsingleapp/qtlockedfile_win.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtsingleapp/qtsingleapplication.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtsingleapp/qtlocalpeer.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtsingleapp/qtlockedfile_unix.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/qtsingleapp/qtlockedfile.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/engineselectdlg.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/sgmllib3.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/nova2.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/novaprinter.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/socks.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/engines/mininova.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/engines/vertor.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/engines/kickasstorrents.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/engines/legittorrents.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/engines/torrentreactor.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/engines/btdigg.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/engines/extratorrent.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/engines/piratebay.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/engines/__init__.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/nova2dl.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/helpers.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova3/__init__.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/searchtab.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/searchengine.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/nova2.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/fix_encoding.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/novaprinter.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/socks.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/engines/mininova.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/engines/vertor.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/engines/kickasstorrents.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/engines/legittorrents.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/engines/torrentreactor.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/engines/btdigg.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/engines/extratorrent.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/engines/piratebay.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/engines/__init__.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/nova2dl.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/helpers.py
Analyzing /ftp/qbittorrent-3.1.11//src/searchengine/nova/__init__.py
Analyzing /ftp/qbittorrent-3.1.11//src/scannedfoldersmodel.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/addnewtorrentdialog.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/tracker/qtracker.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/fs_utils.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/autoexpandabledialog.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/misc.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/geoip/geoipmanager.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/properties/proptabbar.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/properties/peerlistwidget.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/properties/propertieswidget.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/properties/downloadedpiecesbar.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/properties/pieceavailabilitybar.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/properties/trackerlist.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/transferlistwidget.cpp
Analyzing /ftp/qbittorrent-3.1.11//src/updownratiodlg.cpp
/ftp/qbittorrent-3.1.11//src/ico.cpp:172: High: fixed size local buffer
/ftp/qbittorrent-3.1.11//src/ico.cpp:180: High: fixed size local buffer
/ftp/qbittorrent-3.1.11//src/ico.cpp:223: High: fixed size local buffer
/ftp/qbittorrent-3.1.11//src/ico.cpp:406: High: fixed size local buffer
/ftp/qbittorrent-3.1.11//src/webui/httpresponsegenerator.cpp:70: High: fixed size local buffer
/ftp/qbittorrent-3.1.11//src/webui/qjson/json_parser.cc:761: High: fixed size local buffer
/ftp/qbittorrent-3.1.11//src/downloadthread.cpp:64: High: fixed size local buffer
/ftp/qbittorrent-3.1.11//src/misc.cpp:434: High: fixed size local buffer
Extra care should be taken to ensure that character arrays that are allocated
on the stack are used safely. They are prime targets for buffer overflow
attacks.

/ftp/qbittorrent-3.1.11//src/searchengine/nova3/sgmllib3.py:19: High: compile
/ftp/qbittorrent-3.1.11//src/searchengine/nova3/sgmllib3.py:33: High: compile
/ftp/qbittorrent-3.1.11//src/searchengine/nova3/sgmllib3.py:56: High: compile
Argument 1 to this function call should be checked to ensure that it does not
come from an untrusted source without first verifying that it contains nothing
dangerous.

/ftp/qbittorrent-3.1.11//src/searchengine/nova3/socks.py:227: High: gethostbyname
/ftp/qbittorrent-3.1.11//src/searchengine/nova3/socks.py:292: High: gethostbyname
/ftp/qbittorrent-3.1.11//src/searchengine/nova3/socks.py:332: High: gethostbyname
/ftp/qbittorrent-3.1.11//src/searchengine/nova/socks.py:227: High: gethostbyname
/ftp/qbittorrent-3.1.11//src/searchengine/nova/socks.py:292: High: gethostbyname
/ftp/qbittorrent-3.1.11//src/searchengine/nova/socks.py:332: High: gethostbyname
DNS results can easily be forged by an attacker (or arbitrarily set to large values, etc), and should not be trusted.

/ftp/qbittorrent-3.1.11//src/ico.cpp:251: Medium: read
/ftp/qbittorrent-3.1.11//src/ico.cpp:407: Medium: read
/ftp/qbittorrent-3.1.11//src/webui/httpconnection.cpp:60: Medium: read
/ftp/qbittorrent-3.1.11//src/webui/httpconnection.cpp:80: Medium: read
/ftp/qbittorrent-3.1.11//src/webui/qjson/json_scanner.cc:3865: Medium: read
/ftp/qbittorrent-3.1.11//src/webui/qjson/json_scanner.cpp:72: Medium: read
/ftp/qbittorrent-3.1.11//src/qtlibtorrent/qbtsession.cpp:1608: Medium: read
/ftp/qbittorrent-3.1.11//src/qtsingleapp/qtlocalpeer.cpp:173: Medium: read
/ftp/qbittorrent-3.1.11//src/qtsingleapp/qtlocalpeer.cpp:250: Medium: read
/ftp/qbittorrent-3.1.11//src/fs_utils.cpp:214: Medium: read
/ftp/qbittorrent-3.1.11//src/fs_utils.cpp:214: Medium: read
Check buffer boundaries if calling this function in a loop
and make sure you are not in danger of writing past the allocated space.

/ftp/qbittorrent-3.1.11//src/webui/qjson/json_scanner.cc:4503: Medium: realloc
Don't use on memory intended to be secure, because the old structure will not be zeroed out.

/ftp/qbittorrent-3.1.11//src/main.cpp:112: Medium: getchar
Check buffer boundaries if calling this function in a loop
and make sure you are not in danger of writing past the allocated space.

/ftp/qbittorrent-3.1.11//src/main.cpp:142: Medium: signal
/ftp/qbittorrent-3.1.11//src/main.cpp:148: Medium: signal
/ftp/qbittorrent-3.1.11//src/main.cpp:153: Medium: signal
/ftp/qbittorrent-3.1.11//src/main.cpp:154: Medium: signal
/ftp/qbittorrent-3.1.11//src/main.cpp:170: Medium: signal
/ftp/qbittorrent-3.1.11//src/main.cpp:171: Medium: signal
/ftp/qbittorrent-3.1.11//src/main.cpp:362: Medium: signal
/ftp/qbittorrent-3.1.11//src/main.cpp:363: Medium: signal
/ftp/qbittorrent-3.1.11//src/main.cpp:364: Medium: signal
/ftp/qbittorrent-3.1.11//src/main.cpp:365: Medium: signal
When setting signal handlers, do not use the same function to handle multiple signals. There exists the possibility a race condition will result if 2 or more different signals are sent to the process at nearly the same time. Also, when writing signal handlers, it is best to do as little as possible in them. The best strategy is to use the signal handler to set a flag, that another part of the program tests and performs the appropriate action(s) when it is set.
See also: razor.bindview.com/publish/papers/signals.txt

/ftp/qbittorrent-3.1.11//src/main.cpp:252: Medium: srand
Standard random number generators should not be used to
generate randomness used for security reasons. For security sensitive
randomness a cryptographic randomness generator that provides sufficient
entropy should be used.

Total lines analyzed: 37702
Total time 0.049751 seconds
757813 lines per second
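
As an added example (not part of the thread above and not RATS's own code): a small Python script that parses the plain-text report format RATS 2.x prints, as seen in the report above, into structured findings, drops duplicate hits and anything under vendored paths, and summarises what is left. That is the practical answer to the worry about drowning in warnings: on a larger tree you filter on severity and path before you read a single hit. The embedded report is a constructed excerpt in the format of the qbittorrent report above, not the full report; the source root prefix and the decision to ignore the bundled search plugins are assumptions made for the demonstration.

```python
import re
from collections import Counter
from dataclasses import dataclass

# One hit as RATS 2.x prints it: "<path>:<line>: <severity>: <rule>"
FINDING_RE = re.compile(
    r"^(?P<path>/\S+?):(?P<line>\d+): (?P<sev>High|Medium|Low): (?P<rule>.+)$")
SEVERITY_RANK = {"High": 3, "Medium": 2, "Low": 1}


@dataclass(frozen=True)
class Finding:
    path: str        # normalised, root-relative
    line: int
    severity: str
    rule: str        # RATS rule name, e.g. "fixed size local buffer", "srand"
    note: str = ""   # RATS's explanation text printed after a group of hits


def normalise_path(path, root=""):
    """Collapse doubled slashes (RATS prints 'dir//src/x.cpp' when run on 'dir/')
    and strip a known source root so paths are short and comparable."""
    path = re.sub(r"/+", "/", path)
    root = re.sub(r"/+", "/", root) if root else ""
    return path[len(root):] if root and path.startswith(root) else path


def parse_rats(text, root="", dedupe=True):
    """Return the findings in a RATS text report; explanation lines are attached
    to every hit of the group they follow."""
    findings, pending, note = [], [], []

    def flush():
        msg = " ".join(note)
        findings.extend(Finding(p, ln, s, r, msg) for p, ln, s, r in pending)
        pending.clear()
        note.clear()

    for raw in text.splitlines():
        line = raw.strip()
        m = FINDING_RE.match(line)
        if m:
            if note:            # a new group started without a blank separator
                flush()
            pending.append((normalise_path(m["path"], root),
                            int(m["line"]), m["sev"], m["rule"]))
        elif not line:
            flush()
        elif pending:           # free text after hits is their explanation
            note.append(line)
        # "Analyzing ...", "Entries in ...", totals: not findings, skipped
    flush()
    if dedupe:  # RATS can print the same call twice (fs_utils.cpp:214 above)
        findings = list({(f.path, f.line, f.severity, f.rule): f
                         for f in findings}.values())
    return findings


def triage(findings, ignore_prefixes=(), min_severity="Medium"):
    """Drop hits under ignored path prefixes (vendored code, bundled plugins)
    and below a severity floor. Both are reviewer decisions, not RATS features."""
    floor = SEVERITY_RANK[min_severity]
    return [f for f in findings
            if SEVERITY_RANK[f.severity] >= floor
            and not any(f.path.startswith(p) for p in ignore_prefixes)]


def summarize(findings):
    return {"total": len(findings),
            "by_severity": Counter(f.severity for f in findings),
            "by_rule": Counter(f.rule for f in findings),
            "by_file": Counter(f.path for f in findings)}


def render(findings):
    """One line per hit, worst first: a reviewer's worklist."""
    order = sorted(findings, key=lambda f: (-SEVERITY_RANK[f.severity], f.path, f.line))
    return "\n".join(f"{f.severity:<6} {f.path}:{f.line}  {f.rule}" for f in order)


# Constructed excerpt in the format of the qbittorrent report above (not the full report).
SAMPLE_REPORT = """\
Entries in c database: 334
Analyzing /ftp/qbittorrent-3.1.11//src/ico.cpp
/ftp/qbittorrent-3.1.11//src/ico.cpp:172: High: fixed size local buffer
/ftp/qbittorrent-3.1.11//src/misc.cpp:434: High: fixed size local buffer
Extra care should be taken to ensure that stack character arrays are used safely.

/ftp/qbittorrent-3.1.11//src/searchengine/nova3/socks.py:227: High: gethostbyname
/ftp/qbittorrent-3.1.11//src/searchengine/nova/socks.py:227: High: gethostbyname
DNS results can easily be forged by an attacker, and should not be trusted.

/ftp/qbittorrent-3.1.11//src/fs_utils.cpp:214: Medium: read
/ftp/qbittorrent-3.1.11//src/fs_utils.cpp:214: Medium: read
Check buffer boundaries if calling this function in a loop
and make sure you are not in danger of writing past the allocated space.

/ftp/qbittorrent-3.1.11//src/main.cpp:252: Medium: srand
Standard random number generators should not be used to
generate randomness used for security reasons.

Total lines analyzed: 37702
"""

if __name__ == "__main__":
    hits = parse_rats(SAMPLE_REPORT, root="/ftp/qbittorrent-3.1.11/")
    # Assumed review decision: the bundled search plugins are third-party code.
    kept = triage(hits, ignore_prefixes=("src/searchengine/nova",))
    print(render(kept))
    print(dict(summarize(kept)["by_severity"]))
```

Running it over a real report is `rats -w 3 src/ > report.txt` followed by `parse_rats(open("report.txt").read(), root=...)`; the ignore list is where a reviewer records which directories are not theirs to fix, and the note attached to each finding is what RATS actually means by a rule name such as "read", so a one-word hit is never triaged without its context.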

Download the deb package: wget ftp.us.debian.org/debian/pool/main/r/rats/rats_2.3-1_amd64.deb, and install it: sudo dpkg -i /path/package.deb.

But why? Why not apt-get install rats?
Yes, that works too, thanks.