stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/testvcard.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildir20percentread.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildirfetchunreadheaders.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildirremovereadmessages.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildirfetchunreadheaders.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildirfetchallheaders.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildir.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildirremovereadmessages.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildirfetchallheaders.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildirimport.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildir20percentread.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildir.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maildir/maildirimport.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/testmaildir.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maketest.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/testvcard.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/testmaildir.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/main.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/maketest.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/test.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/test.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/vcard/vcardimport.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/vcard/vcardimport.cpp
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/vcard/vcard.h
Examining data/akonadi-mime-20.08.2/autotests/benchmarker/vcard/vcard.cpp
Examining data/akonadi-mime-20.08.2/autotests/racetest.h
Examining data/akonadi-mime-20.08.2/autotests/localfolderstest.h
Examining data/akonadi-mime-20.08.2/autotests/collectionjobtest.h
Examining data/akonadi-mime-20.08.2/autotests/racetest.cpp
Examining data/akonadi-mime-20.08.2/autotests/mailserializerplugintest.h
Examining data/akonadi-mime-20.08.2/autotests/pop3resourceattributetest.h
Examining data/akonadi-mime-20.08.2/autotests/newmailnotifierattributetest.h
Examining data/akonadi-mime-20.08.2/autotests/newmailnotifierattributetest.cpp
Examining data/akonadi-mime-20.08.2/autotests/mailserializertest.h
Examining data/akonadi-mime-20.08.2/autotests/localfoldersrequestjobtest.cpp
Examining data/akonadi-mime-20.08.2/autotests/messagetests/messagetest.h
Examining data/akonadi-mime-20.08.2/autotests/messagetests/messagetest.cpp
Examining data/akonadi-mime-20.08.2/autotests/localfoldersrequestjobtest.h
Examining data/akonadi-mime-20.08.2/autotests/mailserializertest.cpp
Examining data/akonadi-mime-20.08.2/autotests/mailserializerplugintest.cpp
Examining data/akonadi-mime-20.08.2/autotests/pop3resourceattributetest.cpp
Examining data/akonadi-mime-20.08.2/autotests/localfolderstest.cpp
Examining data/akonadi-mime-20.08.2/tests/foldersrequester.cpp
Examining data/akonadi-mime-20.08.2/tests/foldersrequester.h
Examining data/akonadi-mime-20.08.2/tests/headfetcher.h
Examining data/akonadi-mime-20.08.2/tests/headfetcher.cpp
Examining data/akonadi-mime-20.08.2/serializers/akonadi_serializer_mail.cpp
Examining data/akonadi-mime-20.08.2/serializers/akonadi_serializer_mail.h
Examining data/akonadi-mime-20.08.2/src/specialmailcollectionsrequestjob.h
Examining data/akonadi-mime-20.08.2/src/specialmailcollectionsrequestjob.cpp
Examining data/akonadi-mime-20.08.2/src/movecommand.h
Examining data/akonadi-mime-20.08.2/src/commandbase.cpp
Examining data/akonadi-mime-20.08.2/src/util_p.h
Examining data/akonadi-mime-20.08.2/src/addressattribute.h
Examining data/akonadi-mime-20.08.2/src/pop3resourceattribute.h
Examining data/akonadi-mime-20.08.2/src/markascommand.cpp
Examining data/akonadi-mime-20.08.2/src/emptytrashcommand.h
Examining data/akonadi-mime-20.08.2/src/messageflags.h
Examining data/akonadi-mime-20.08.2/src/messageparts.cpp
Examining data/akonadi-mime-20.08.2/src/newmailnotifierattribute.h
Examining data/akonadi-mime-20.08.2/src/addressattribute.cpp
Examining data/akonadi-mime-20.08.2/src/specialmailcollections.cpp
Examining data/akonadi-mime-20.08.2/src/movetotrashcommand.h
Examining data/akonadi-mime-20.08.2/src/removeduplicatesjob.cpp
Examining data/akonadi-mime-20.08.2/src/newmailnotifierattribute.cpp
Examining data/akonadi-mime-20.08.2/src/attributeregistrar.cpp
Examining data/akonadi-mime-20.08.2/src/messagemodel.h
Examining data/akonadi-mime-20.08.2/src/messageparts.h
Examining data/akonadi-mime-20.08.2/src/messageflags.cpp
Examining data/akonadi-mime-20.08.2/src/specialmailcollections.h
Examining data/akonadi-mime-20.08.2/src/messagefolderattribute.cpp
Examining data/akonadi-mime-20.08.2/src/pop3resourceattribute.cpp
Examining data/akonadi-mime-20.08.2/src/metatype.h
Examining data/akonadi-mime-20.08.2/src/movetotrashcommand.cpp
Examining data/akonadi-mime-20.08.2/src/messagestatus.h
Examining data/akonadi-mime-20.08.2/src/movecommand.cpp
Examining data/akonadi-mime-20.08.2/src/specialmailcollectionstesting_p.h
Examining data/akonadi-mime-20.08.2/src/commandbase.h
Examining data/akonadi-mime-20.08.2/src/standardmailactionmanager.h
Examining data/akonadi-mime-20.08.2/src/specialmailcollectionsdiscoveryjob.cpp
Examining data/akonadi-mime-20.08.2/src/emptytrashcommand.cpp
Examining data/akonadi-mime-20.08.2/src/messagestatus.cpp
Examining data/akonadi-mime-20.08.2/src/messagefolderattribute.h
Examining data/akonadi-mime-20.08.2/src/specialmailcollectionsdiscoveryjob.h
Examining data/akonadi-mime-20.08.2/src/standardmailactionmanager.cpp
Examining data/akonadi-mime-20.08.2/src/markascommand.h
Examining data/akonadi-mime-20.08.2/src/util.cpp
Examining data/akonadi-mime-20.08.2/src/specialmailcollectionstesting.cpp
Examining data/akonadi-mime-20.08.2/src/removeduplicatesjob.h
Examining data/akonadi-mime-20.08.2/src/messagemodel.cpp

FINAL RESULTS:

data/akonadi-mime-20.08.2/autotests/mailserializertest.cpp:70:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    buffer.open(QIODevice::WriteOnly);
data/akonadi-mime-20.08.2/autotests/mailserializertest.cpp:124:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    buffer.open(QIODevice::ReadOnly);
data/akonadi-mime-20.08.2/autotests/mailserializertest.cpp:163:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    buffer.open(QIODevice::WriteOnly);
data/akonadi-mime-20.08.2/autotests/mailserializertest.cpp:228:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    buffer.open(QIODevice::ReadWrite);
data/akonadi-mime-20.08.2/autotests/mailserializertest.cpp:287:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    buffer.open(QIODevice::ReadOnly);
data/akonadi-mime-20.08.2/autotests/mailserializertest.cpp:329:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    buffer.open(QIODevice::ReadOnly);
data/akonadi-mime-20.08.2/autotests/mailserializertest.cpp:353:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    buffer.open(QIODevice::ReadOnly);
data/akonadi-mime-20.08.2/autotests/messagetests/messagetest.cpp:46:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    const bool ok = file.open(QIODevice::ReadOnly);
data/akonadi-mime-20.08.2/src/specialmailcollections.cpp:35:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char s_specialCollectionTypes[SpecialMailCollections::LastType][11] = {
data/akonadi-mime-20.08.2/src/messagestatus.cpp:283:43:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
void Akonadi::MessageStatus::setRead(bool read)
data/akonadi-mime-20.08.2/src/messagestatus.cpp:285:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read) {

ANALYSIS SUMMARY:

Hits = 11
Lines analyzed = 8380 in approximately 0.23 seconds (35869 lines/second)
Physical Source Lines of Code (SLOC) = 5797
Hits@level = [0]   0 [1]   2 [2]   9 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  11 [1+]  11 [2+]   9 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 1.89753 [1+] 1.89753 [2+] 1.55253 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.