| Date: | 08/06/23 11:44:00 |
|---|---|
| PVS-Studio Version: | 7.25.72091.245 |
| Total Warnings (GA): | 180 |
| Total Warnings (OP): | 1 |
| Total Warnings (64): | 11 |
| Group | Projects | Location | Level | Code | CWE | Message |
|---|---|---|---|---|---|---|
| 64-bit errors | UnRAR |
consio.cpp:86 | High | V220 | Suspicious sequence of types castings: memsize -> 32-bit integer -> memsize. The value being cast: 'wcslen(Msg)'. | |
| 64-bit errors | UnRAR |
crypt.cpp:99 | Medium | V127 | An overflow of the 32-bit 'Count' variable is possible inside a long cycle which utilizes a memsize-type loop counter. | |
| 64-bit errors | UnRAR |
encname.cpp:58 | Medium | V127 | An overflow of the 32-bit 'Length' variable is possible inside a long cycle which utilizes a memsize-type loop counter. | |
| 64-bit errors | UnRAR |
file.cpp:400 | Medium | V127 | An overflow of the 32-bit 'ReadSize' variable is possible inside a long cycle which utilizes a memsize-type loop counter. | |
| 64-bit errors | UnRAR |
file.cpp:402 | Medium | V127 | An overflow of the 32-bit 'TotalRead' variable is possible inside a long cycle which utilizes a memsize-type loop counter. | |
| 64-bit errors | UnRAR |
file.cpp:562 | Medium | V303 | The function 'SetFilePointer' is deprecated in the Win64 system. It is safer to use the 'SetFilePointerEx' function. | |
| 64-bit errors | UnRAR |
file.cpp:593 | Medium | V303 | The function 'SetFilePointer' is deprecated in the Win64 system. It is safer to use the 'SetFilePointerEx' function. | |
| 64-bit errors | UnRAR |
list.cpp:110 | Medium | V127 | An overflow of the 32-bit 'FileCount' variable is possible inside a long cycle which utilizes a memsize-type loop counter. | |
| 64-bit errors | UnRAR |
rdwrfn.cpp:108 | Medium | V127 | An overflow of the 32-bit 'TotalRead' variable is possible inside a long cycle which utilizes a memsize-type loop counter. | |
| 64-bit errors | UnRAR |
threadmisc.cpp:134 | Medium | V127 | An overflow of the 32-bit 'Count' variable is possible inside a long cycle which utilizes a memsize-type loop counter. | |
| 64-bit errors | UnRAR |
unpack.cpp:236 | Medium | V127 | An overflow of the 32-bit 'LengthCount[LengthTable[I] & 0xf]' variable is possible inside a long cycle which utilizes a memsize-type loop counter. | |
| General Analysis | UnRAR |
arccmt.cpp:67 | Medium | V1051 | CWE-754 | Consider checking for misprints. It's possible that the 'UnpCmtLength' should be checked here. |
| General Analysis | UnRAR |
archive.cpp:119 | Medium | V560 | CWE-571 | A part of conditional expression is always true: D[6] > 1. |
| General Analysis | UnRAR |
archive.cpp:206 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
archive.cpp:6 | Medium | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: CurHeaderType, ShortBlock, MarkHead, FileHead, SubBlockHead, SubHead, ... |
| General Analysis | UnRAR |
arcread.cpp:816 | Medium | V1051 | CWE-754 | Consider checking for misprints. It's possible that the 'hd->FileAttr' should be checked here. |
| General Analysis | UnRAR |
arcread.cpp:1432 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
arcread.cpp:337 | Medium | V688 | The 'FileName' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
arcread.cpp:857 | Medium | V688 | The 'FileName' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
arcread.cpp:17 | Medium | V719 | The switch statement does not cover all values of the 'RARFORMAT' enum: RARFMT_FUTURE, RARFMT_NONE. | |
| General Analysis | UnRAR |
arcread.cpp:334 | Low | V1051 | CWE-754 | Consider checking for misprints. It's possible that the 'hd->UnpSize' should be checked here. |
| General Analysis | UnRAR |
arcread.cpp:1241 | Low | V601 | CWE-704 | The 'false' value is implicitly cast to the integer type. |
| General Analysis | UnRAR |
arcread.cpp:1264 | Low | V601 | CWE-704 | The 'false' value is implicitly cast to the integer type. |
| General Analysis | UnRAR |
arcread.cpp:399 | Low | V634 | CWE-783 | The priority of the '*' operation is higher than that of the '>>' operation. It's possible that parentheses should be used in the expression. |
| General Analysis | UnRAR |
arcread.cpp:1288 | Low | V688 | The 'FileName' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
blake2s.cpp:137 | High | V1040 | Possible typo in the spelling of a pre-defined macro name. The '_WIN_32' macro is similar to '_WIN32'. | |
| General Analysis | UnRAR |
blake2s.hpp:41 | Medium | V730 | CWE-457 | It is possible that not all members of a class are initialized inside the constructor. Consider inspecting: ubuf, buflen, last_node. |
| General Analysis | UnRAR |
blake2sp.cpp:107 | High | V595 | CWE-476 | The 'S->ThPool' pointer was utilized before it was verified against nullptr. Check lines: 107, 116. |
| General Analysis | UnRAR |
blake2s_sse.cpp:8 | High | V1040 | Possible typo in the spelling of a pre-defined macro name. The '_WIN_64' macro is similar to '_WIN64'. | |
| General Analysis | UnRAR |
blake2s_sse.cpp:27 | High | V1040 | Possible typo in the spelling of a pre-defined macro name. The '_WIN_64' macro is similar to '_WIN64'. | |
| General Analysis | UnRAR |
blake2s_sse.cpp:37 | High | V1040 | Possible typo in the spelling of a pre-defined macro name. The '_WIN_32' macro is similar to '_WIN32'. | |
| General Analysis | UnRAR |
blake2s_sse.cpp:76 | High | V1040 | Possible typo in the spelling of a pre-defined macro name. The '_WIN_64' macro is similar to '_WIN64'. | |
| General Analysis | UnRAR |
blake2s_sse.cpp:109 | Medium | V1032 | CWE-843 | The pointer 'block' is cast to a more strictly aligned pointer type. |
| General Analysis | UnRAR |
blake2s_sse.cpp:40 | Low | V1003 | The macro 'mm_rotr_epi32' is a dangerous expression. The parameter 'c' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
blake2s_sse.cpp:43 | Low | V1003 | The macro 'mm_rotr_epi32' is a dangerous expression. The parameter 'c' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
cmdfilter.cpp:290 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
cmdmix.cpp:19 | High | V1040 | Possible typo in the spelling of a pre-defined macro name. The '_WIN_32' macro is similar to '_WIN32'. | |
| General Analysis | UnRAR |
cmdmix.cpp:19 | High | V1040 | Possible typo in the spelling of a pre-defined macro name. The '_WIN_64' macro is similar to '_WIN64'. | |
| General Analysis | UnRAR |
cmdmix.cpp:22 | High | V1040 | Possible typo in the spelling of a pre-defined macro name. The '_WIN_32' macro is similar to '_WIN32'. | |
| General Analysis | UnRAR |
cmdmix.cpp:25 | High | V1040 | Possible typo in the spelling of a pre-defined macro name. The '_WIN_64' macro is similar to '_WIN64'. | |
| General Analysis | UnRAR |
coder.cpp:9 | Low | V688 | The 'UnpackRead' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
consio.cpp:196 | Medium | V557 | CWE-787 | Array overrun is possible. The value of 'TrailRead' index could reach 126. |
| General Analysis | UnRAR |
crypt.cpp:11 | Medium | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: SubstTable20, Key20, Key13, Key15. |
| General Analysis | UnRAR |
crypt.cpp:114 | Low | V676 | CWE-253 | It is incorrect to compare the variable of BOOL type with TRUE. |
| General Analysis | UnRAR |
crypt.cpp:46 | Low | V688 | The 'Method' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
crypt.hpp:131 | Medium | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: Lg2Count, Salt, InitV, PswCheck. |
| General Analysis | UnRAR |
crypt.hpp:155 | Low | V688 | The 'PswCheck' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
crypt2.cpp:3 | Low | V1003 | The macro 'substLong' is a dangerous expression. The parameter 't' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
errhnd.cpp:239 | Low | V688 | The 'ExitCode' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
extinfo.cpp:139 | High | V781 | CWE-20 | The value of the 'I' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis | UnRAR |
extract.cpp:1052 | Medium | V547 | CWE-571 | Expression '!RefMove' is always true. |
| General Analysis | UnRAR |
extract.cpp:663 | Medium | V560 | CWE-571 | A part of conditional expression is always true: !UserReject. |
| General Analysis | UnRAR |
extract.cpp:771 | Medium | V560 | CWE-571 | A part of conditional expression is always true: !SkipSolid. |
| General Analysis | UnRAR |
extract.cpp:834 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
extract.cpp:929 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
extract.cpp:1473 | Medium | V688 | The 'ArcName' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
extract.cpp:1498 | Medium | V688 | The 'FirstFile' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
extract.cpp:3 | Low | V688 | The 'Cmd' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
extract.cpp:1012 | Low | V688 | The 'ArcName' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
extract.cpp:3 | Low | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: FileCount, MatchedArgs, FirstFile, AllMatchesExact, ReconstructDone, UseExactVolName, ... |
| General Analysis | UnRAR |
extract.cpp:1255 | Low | V796 | CWE-484 | It is possible that 'break' statement is missing in switch statement. |
| General Analysis | UnRAR |
file.cpp:3 | High | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: NoSequentialRead, SeekBuf. |
| General Analysis | UnRAR |
file.cpp:530 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
file.cpp:400 | Low | V1026 | CWE-190 | The 'ReadSize' variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow. |
| General Analysis | UnRAR |
file.cpp:402 | Low | V1026 | CWE-190 | The 'TotalRead' variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow. |
| General Analysis | UnRAR |
file.cpp:834 | Low | V1051 | CWE-754 | Consider checking for misprints. It's possible that the 'CopySize' should be checked here. |
| General Analysis | UnRAR |
file.cpp:253 | Low | V676 | CWE-253 | It is incorrect to compare the variable of BOOL type with TRUE. Correct expression is: 'CloseHandle(hFile) != FALSE'. |
| General Analysis | UnRAR |
file.cpp:330 | Low | V676 | CWE-253 | It is incorrect to compare the variable of BOOL type with TRUE. |
| General Analysis | UnRAR |
file.cpp:336 | Low | V676 | CWE-253 | It is incorrect to compare the variable of BOOL type with TRUE. |
| General Analysis | UnRAR |
file.cpp:649 | Low | V676 | CWE-253 | It is incorrect to compare the variable of BOOL type with TRUE. Correct expression is: 'SetEndOfFile(hFile) != FALSE'. |
| General Analysis | UnRAR |
file.cpp:52 | Low | V688 | The 'OpenShared' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
file.hpp:54 | Medium | V690 | The 'File' class implements the copy assignment operator, but lacks a copy constructor. It is dangerous to use such a class. | |
| General Analysis | UnRAR |
getbits.cpp:3 | High | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: InAddr, InBit. |
| General Analysis | UnRAR |
hash.cpp:42 | High | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: CurCRC32. |
| General Analysis | UnRAR |
hash.cpp:3 | Low | V688 | The 'Type' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
hash.cpp:67 | Low | V688 | The 'MaxThreads' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
headers.hpp:178 | Medium | V690 | The 'FileHeader' class implements the copy assignment operator, but lacks a copy constructor. It is dangerous to use such a class. | |
| General Analysis | UnRAR |
isnt.cpp:94 | Low | V522 | CWE-690 | There might be dereferencing of a potential null pointer 'pEnumerator'. |
| General Analysis | UnRAR |
list.cpp:43 | High | V547 | CWE-570 | Expression 'SetCount ++ > 0' is always false. |
| General Analysis | UnRAR |
list.cpp:45 | High | V547 | CWE-571 | Expression 'SetCount ++ > 0' is always true. |
| General Analysis | UnRAR |
list.cpp:47 | High | V547 | CWE-571 | Expression 'SetCount ++ > 0' is always true. |
| General Analysis | UnRAR |
list.cpp:53 | High | V547 | CWE-571 | Expression 'SetCount ++ > 0' is always true. |
| General Analysis | UnRAR |
list.cpp:58 | High | V547 | CWE-571 | Expression 'SetCount ++ > 0' is always true. |
| General Analysis | UnRAR |
list.cpp:60 | High | V547 | CWE-571 | Expression 'SetCount ++ > 0' is always true. |
| General Analysis | UnRAR |
list.cpp:62 | High | V547 | CWE-571 | Expression 'SetCount ++ > 0' is always true. |
| General Analysis | UnRAR |
list.cpp:64 | High | V547 | CWE-571 | Expression 'SetCount ++ > 0' is always true. |
| General Analysis | UnRAR |
list.cpp:326 | Medium | V547 | CWE-571 | Expression 'WinTitles' is always true. |
| General Analysis | UnRAR |
list.cpp:330 | Medium | V547 | CWE-571 | Expression 'WinTitles' is always true. |
| General Analysis | UnRAR |
list.cpp:335 | Medium | V547 | CWE-571 | Expression 'WinTitles' is always true. |
| General Analysis | UnRAR |
list.cpp:159 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
model.cpp:330 | Medium | V602 | CWE-480 | Consider inspecting the '(ns > 3)' expression. '>' possibly should be replaced with '>>'. |
| General Analysis | UnRAR |
model.cpp:618 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
model.cpp:639 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
model.cpp:360 | Low | V1003 | The macro 'GET_MEAN' is a dangerous expression. The parameters 'SUMM', 'ROUND' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
model.cpp:151 | Low | V1019 | CWE-480 | Compound assignment expression 'NumStats -= i' is used inside condition. |
| General Analysis | UnRAR |
model.cpp:55 | Low | V522 | CWE-690 | There might be dereferencing of a potential null pointer 'MinContext->U.Stats'. |
| General Analysis | UnRAR |
model.cpp:74 | Low | V688 | The 'MaxOrder' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
model.cpp:573 | Low | V688 | The 'MaxOrder' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
model.cpp:30 | Low | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: SEE2Cont, DummySEE2Cont, FoundState, NumMasked, InitEsc, OrderFall, ... |
| General Analysis | UnRAR |
pathfn.cpp:1047 | Medium | V560 | CWE-571 | A part of conditional expression is always true: I > 0. |
| General Analysis | UnRAR |
pathfn.cpp:470 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
pathfn.cpp:1033 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
pathfn.cpp:1064 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
qopen.cpp:210 | Low | V658 | CWE-190 | A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the '<' comparison operation can potentially behave unexpectedly. |
| General Analysis | UnRAR |
qopen.cpp:237 | Low | V658 | CWE-190 | A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the '<' comparison operation can potentially behave unexpectedly. Consider inspecting the 'MaxBufSize - ReadBufPos < 0x100' expression. |
| General Analysis | UnRAR |
qopen.cpp:17 | Low | V688 | The 'Arc' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
qopen.cpp:17 | Low | V688 | The 'WriteMode' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
qopen.cpp:3 | Low | V730 | CWE-457 | It is possible that not all members of a class are initialized inside the constructor. Consider inspecting: QOHeaderPos, RawDataStart, RawDataSize, RawDataPos, ReadBufSize, ReadBufPos, ... |
| General Analysis | UnRAR |
rar.cpp:71 | Medium | V768 | CWE-571 | The variable 'ShutdownOnClose' is of enum type. It is odd that it is used as a variable of a Boolean-type. |
| General Analysis | UnRAR |
rardefs.hpp:33 | Low | V1003 | The macro 'ALIGN_VALUE' is a dangerous expression. The parameter 'a' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
rarvm.cpp:3 | Medium | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: R. |
| General Analysis | UnRAR |
rarvm.hpp:14 | High | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: InitR, FilteredData. |
| General Analysis | UnRAR |
rawint.hpp:4 | Low | V1003 | The macro 'rotls' is a dangerous expression. The parameter 'xsize' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
rawint.hpp:5 | Low | V1003 | The macro 'rotrs' is a dangerous expression. The parameter 'xsize' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
rawread.cpp:10 | Low | V688 | The 'SrcFile' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
rawread.hpp:22 | Medium | V1071 | Consider inspecting the 'GetV' function. The return value is not always used. Total calls: 37, discarded results: 1. | |
| General Analysis | UnRAR |
rawread.hpp:36 | Low | V688 | The 'Crypt' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
rdwrfn.cpp:125 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
rdwrfn.cpp:3 | Medium | V730 | CWE-457 | It is possible that not all members of a class are initialized inside the constructor. Consider inspecting: UnpackFromMemorySize, UnpackFromMemoryAddr, UnpackToMemorySize, UnpackToMemoryAddr. |
| General Analysis | UnRAR |
rdwrfn.cpp:108 | Low | V1026 | CWE-190 | The 'TotalRead' variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow. |
| General Analysis | UnRAR |
rdwrfn.cpp:232 | Low | V688 | The 'DestFile' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
rdwrfn.cpp:232 | Low | V688 | The 'SrcFile' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
recvol.cpp:25 | Medium | V1074 | Boundary between escape sequence and string is unclear. The escape sequence ends with a letter and the next character is also a letter. Check for typos. | |
| General Analysis | UnRAR |
recvol.cpp:99 | Medium | V1074 | Boundary between escape sequence and string is unclear. The escape sequence ends with a letter and the next character is also a letter. Check for typos. | |
| General Analysis | UnRAR |
recvol3.cpp:424 | Medium | V507 | CWE-562 | Pointer to local array 'Erasures' is stored outside the scope of this array. Such a pointer will become invalid. |
| General Analysis | UnRAR |
recvol3.cpp:245 | Medium | V560 | CWE-570 | A part of conditional expression is always false: SrcPos < 0. |
| General Analysis | UnRAR |
recvol3.cpp:471 | Medium | V688 | The 'Buf' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
recvol3.cpp:12 | Low | V688 | The 'RecVolNumber' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
recvol5.cpp:7 | High | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: ReadBuffer, ValidFlags, MissingVolumes. |
| General Analysis | UnRAR |
recvol5.cpp:450 | Medium | V1074 | Boundary between escape sequence and string is unclear. The escape sequence ends with a letter and the next character is also a letter. Check for typos. | |
| General Analysis | UnRAR |
recvol5.cpp:7 | Medium | V1077 | CWE-457 | The 'RecVolumes5' constructor contains potentially uninitialized members. Inspect the following: Buf. |
| General Analysis | UnRAR |
rijndael.cpp:83 | Low | V730 | CWE-457 | It is possible that not all members of a class are initialized inside the constructor. Consider inspecting: AES_NI, m_uRounds, m_initVector, m_expandedKey. |
| General Analysis | UnRAR |
rs.cpp:5 | Low | V688 | The 'ParSize' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
rs16.cpp:171 | High | V781 | CWE-20 | The value of the 'Kf' index is checked after it was used. Perhaps there is a mistake in program logic. |
| General Analysis | UnRAR |
rs16.cpp:290 | Medium | V547 | CWE-571 | Expression 'DirectAccess' is always true. |
| General Analysis | UnRAR |
rs16.cpp:303 | Medium | V547 | CWE-571 | Expression 'DirectAccess' is always true. |
| General Analysis | UnRAR |
scantree.cpp:3 | High | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: OrigCurMask, SearchAllInRoot, SpecPathLength. |
| General Analysis | UnRAR |
scantree.cpp:237 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
scantree.cpp:276 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
scantree.cpp:3 | Low | V688 | The 'FileMasks' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
scantree.cpp:3 | Low | V688 | The 'GetDirs' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
scantree.cpp:3 | Low | V688 | The 'GetLinks' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
scantree.cpp:3 | Low | V688 | The 'Recurse' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
scantree.hpp:70 | Low | V688 | The 'Cmd' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
sha1.cpp:42 | Medium | V1032 | CWE-843 | The pointer 'buffer' is cast to a more strictly aligned pointer type. |
| General Analysis | UnRAR |
sha1.cpp:20 | Low | V1003 | The macro 'blk' is a dangerous expression. The parameter 'i' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
sha256.cpp:26 | Low | V1003 | The macro 'Ch' is a dangerous expression. The parameters 'x', 'y', 'z' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
sha256.cpp:27 | Low | V1003 | The macro 'Maj' is a dangerous expression. The parameters 'x', 'y', 'z' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
sha256.cpp:32 | Low | V1003 | The macro 'sg0' is a dangerous expression. The parameter 'x' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
sha256.cpp:33 | Low | V1003 | The macro 'sg1' is a dangerous expression. The parameter 'x' must be surrounded by parentheses. | |
| General Analysis | UnRAR |
strlist.cpp:3 | Low | V730 | CWE-457 | It is possible that not all members of a class are initialized inside the constructor. Consider inspecting: SaveCurPos. |
| General Analysis | UnRAR |
suballoc.cpp:251 | Medium | V619 | CWE-480 | The array 'FreeList' is being utilized as a pointer to single object. |
| General Analysis | UnRAR |
suballoc.cpp:259 | Low | V1065 | CWE-682 | Expression can be simplified, check '1' and similar operands. |
| General Analysis | UnRAR |
suballoc.cpp:11 | Low | V730 | CWE-457 | It is possible that not all members of a class are initialized inside the constructor. Consider inspecting: Indx2Units, Units2Indx, GlueCount, HeapStart, LoUnit, HiUnit, ... |
| General Analysis | UnRAR |
threadmisc.cpp:145 | Medium | V547 | CWE-570 | Expression 'NumCPU < 1' is always false. |
| General Analysis | UnRAR |
threadmisc.cpp:63 | Low | V513 | CWE-676 | Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions. |
| General Analysis | UnRAR |
threadpool.cpp:22 | Medium | V547 | CWE-570 | Expression is always false. |
| General Analysis | UnRAR |
threadpool.cpp:10 | Medium | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: ThreadHandles, TaskQueue. |
| General Analysis | UnRAR |
uiconsole.cpp:235 | Medium | V1037 | CWE-691 | Two or more case-branches perform the same actions. Check lines: 235, 378 |
| General Analysis | UnRAR |
unicode.cpp:308 | Medium | V547 | CWE-571 | Expression '(uint) * Src < 0x10000' is always true. |
| General Analysis | UnRAR |
unicode.cpp:285 | Medium | V560 | CWE-571 | A part of conditional expression is always true: c < 0x200000. |
| General Analysis | UnRAR |
unpack.cpp:137 | High | V595 | CWE-476 | The 'Window' pointer was utilized before it was verified against nullptr. Check lines: 137, 139. |
| General Analysis | UnRAR |
unpack.cpp:18 | Medium | V730 | CWE-457 | It is possible that not all members of a class are initialized inside the constructor. Consider inspecting: DestUnpSize, FileExtracted, PrevLowDist, LowDistRepCount. |
| General Analysis | UnRAR |
unpack.cpp:129 | Low | V1004 | CWE-628 | The 'NewWindow' pointer was used unsafely after it was verified against nullptr. Check lines: 107, 129. |
| General Analysis | UnRAR |
unpack.cpp:18 | Low | V1077 | CWE-457 | The 'Unpack' constructor contains potentially uninitialized members. Inspect the following: OldDist, OldDistPtr, LastLength, LastDist, BlockTables, UnpPtr, WrPtr, .... |
| General Analysis | UnRAR |
unpack.cpp:42 | Low | V601 | CWE-704 | The 'false' value is implicitly cast to the integer type. Inspect the first argument. |
| General Analysis | UnRAR |
unpack.hpp:382 | Low | V688 | The 'Suspended' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
unpack.hpp:130 | Low | V730 | CWE-457 | Not all members of a class are initialized inside the constructor. Consider inspecting: UnpackPtr, HeaderRead, BlockHeader, TableRead, BlockTables, DataSize, ... |
| General Analysis | UnRAR |
unpack15.cpp:309 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
unpack20.cpp:133 | High | V547 | CWE-571 | Expression 'Number < 270' is always true. |
| General Analysis | UnRAR |
unpack30.cpp:238 | High | V547 | CWE-571 | Expression 'Number < 272' is always true. |
| General Analysis | UnRAR |
unpack30.cpp:583 | High | V561 | CWE-563 | It's probably better to assign value to 'ParentPrg' variable than to declare it anew. Previous declaration: unpack30.cpp, line 561. |
| General Analysis | UnRAR |
unpack50.cpp:136 | High | V547 | CWE-571 | Expression 'MainSlot < 262' is always true. |
| General Analysis | UnRAR |
unpack50.cpp:393 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
unpack50.cpp:245 | Low | V1051 | CWE-754 | Consider checking for misprints. It's possible that the 'BlockHeader.BlockStart' should be checked here. |
| General Analysis | UnRAR |
unpack50.cpp:158 | Low | V688 | The 'Inp' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
unpack50.cpp:173 | Low | V688 | The 'Inp' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
unpack50.cpp:535 | Low | V688 | The 'Inp' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
unpack50.cpp:579 | Low | V688 | The 'Inp' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
unpack50mt.cpp:237 | High | V1002 | CWE-665 | The 'UnpackThreadData' class, containing pointers, constructor and destructor, is copied by the automatically generated operator=. |
| General Analysis | UnRAR |
unpack50mt.cpp:434 | High | V547 | CWE-571 | Expression 'MainSlot < 262' is always true. |
| General Analysis | UnRAR |
unpack50mt.cpp:639 | High | V547 | CWE-571 | Expression 'MainSlot < 262' is always true. |
| General Analysis | UnRAR |
unpack50mt.cpp:137 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| General Analysis | UnRAR |
unpack50mt.cpp:312 | Medium | V688 | The 'ReadBorder' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
unpack50mt.cpp:542 | Medium | V688 | The 'ReadBorder' local variable possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
unpack50mt.cpp:16 | Low | V574 | CWE-823 | The 'DL->D' pointer is used simultaneously as an array and as a pointer to single object. Check lines: 16, 16. |
| General Analysis | UnRAR |
unpack50mt.cpp:340 | Low | V769 | CWE-119 | The 'D.Decoded' pointer in the 'D.Decoded + D.DecodedSize ++' expression could be nullptr. In such case, resulting value will be senseless and it should not be used. Check lines: 340, 334. |
| General Analysis | UnRAR |
unpack50mt.cpp:37 | Low | V780 | The object 'UnpThreadData' of a non-passive (non-PDS) type cannot be initialized using the memset function. | |
| General Analysis | UnRAR |
unpackinline.cpp:82 | Low | V688 | The 'Inp' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
unpackinline.cpp:127 | Low | V688 | The 'Inp' function argument possesses the same name as one of the class members, which can result in a confusion. | |
| General Analysis | UnRAR |
volume.cpp:22 | Medium | V648 | CWE-783 | Priority of the '&&' operation is higher than that of the '||' operation. |
| Micro-optimizations | UnRAR |
unpack.hpp:145 | Medium | V802 | On 64-bit platform, structure size can be reduced from 16 to 12 bytes by rearranging the fields according to their sizes in decreasing order. |