Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/caneda-0.3.1/docs/codingstyle.h
Examining data/caneda-0.3.1/docs/documentsformat.h
Examining data/caneda-0.3.1/docs/documentviewframework.h
Examining data/caneda-0.3.1/docs/doxygenindex.h
Examining data/caneda-0.3.1/docs/modelsformat.h
Examining data/caneda-0.3.1/src/actionmanager.cpp
Examining data/caneda-0.3.1/src/actionmanager.h
Examining data/caneda-0.3.1/src/chartitem.cpp
Examining data/caneda-0.3.1/src/chartitem.h
Examining data/caneda-0.3.1/src/chartscene.cpp
Examining data/caneda-0.3.1/src/chartscene.h
Examining data/caneda-0.3.1/src/chartview.cpp
Examining data/caneda-0.3.1/src/chartview.h
Examining data/caneda-0.3.1/src/component.cpp
Examining data/caneda-0.3.1/src/component.h
Examining data/caneda-0.3.1/src/dialogs/aboutdialog.cpp
Examining data/caneda-0.3.1/src/dialogs/aboutdialog.h
Examining data/caneda-0.3.1/src/dialogs/chartsdialog.cpp
Examining data/caneda-0.3.1/src/dialogs/chartsdialog.h
Examining data/caneda-0.3.1/src/dialogs/exportdialog.cpp
Examining data/caneda-0.3.1/src/dialogs/exportdialog.h
Examining data/caneda-0.3.1/src/dialogs/filenewdialog.cpp
Examining data/caneda-0.3.1/src/dialogs/filenewdialog.h
Examining data/caneda-0.3.1/src/dialogs/messagewidget.cpp
Examining data/caneda-0.3.1/src/dialogs/messagewidget.h
Examining data/caneda-0.3.1/src/dialogs/portsymboldialog.cpp
Examining data/caneda-0.3.1/src/dialogs/portsymboldialog.h
Examining data/caneda-0.3.1/src/dialogs/printdialog.cpp
Examining data/caneda-0.3.1/src/dialogs/printdialog.h
Examining data/caneda-0.3.1/src/dialogs/projectfilenewdialog.cpp
Examining data/caneda-0.3.1/src/dialogs/projectfilenewdialog.h
Examining data/caneda-0.3.1/src/dialogs/projectfileopendialog.cpp
Examining data/caneda-0.3.1/src/dialogs/projectfileopendialog.h
Examining data/caneda-0.3.1/src/dialogs/propertydialog.cpp
Examining data/caneda-0.3.1/src/dialogs/propertydialog.h
Examining data/caneda-0.3.1/src/dialogs/savedocumentsdialog.cpp
Examining data/caneda-0.3.1/src/dialogs/savedocumentsdialog.h
Examining data/caneda-0.3.1/src/dialogs/settingsdialog.cpp
Examining data/caneda-0.3.1/src/dialogs/settingsdialog.h
Examining data/caneda-0.3.1/src/dialogs/shortcutsdialog.cpp
Examining data/caneda-0.3.1/src/dialogs/shortcutsdialog.h
Examining data/caneda-0.3.1/src/documentviewmanager.cpp
Examining data/caneda-0.3.1/src/documentviewmanager.h
Examining data/caneda-0.3.1/src/fileformats.cpp
Examining data/caneda-0.3.1/src/fileformats.h
Examining data/caneda-0.3.1/src/folderbrowser.cpp
Examining data/caneda-0.3.1/src/folderbrowser.h
Examining data/caneda-0.3.1/src/global.cpp
Examining data/caneda-0.3.1/src/global.h
Examining data/caneda-0.3.1/src/graphicsitem.cpp
Examining data/caneda-0.3.1/src/graphicsitem.h
Examining data/caneda-0.3.1/src/graphicsscene.cpp
Examining data/caneda-0.3.1/src/graphicsscene.h
Examining data/caneda-0.3.1/src/graphicsview.cpp
Examining data/caneda-0.3.1/src/graphicsview.h
Examining data/caneda-0.3.1/src/icontext.cpp
Examining data/caneda-0.3.1/src/icontext.h
Examining data/caneda-0.3.1/src/idocument.cpp
Examining data/caneda-0.3.1/src/idocument.h
Examining data/caneda-0.3.1/src/iview.cpp
Examining data/caneda-0.3.1/src/iview.h
Examining data/caneda-0.3.1/src/library.cpp
Examining data/caneda-0.3.1/src/library.h
Examining data/caneda-0.3.1/src/main.cpp
Examining data/caneda-0.3.1/src/mainwindow.cpp
Examining data/caneda-0.3.1/src/mainwindow.h
Examining data/caneda-0.3.1/src/modelviewhelpers.cpp
Examining data/caneda-0.3.1/src/modelviewhelpers.h
Examining data/caneda-0.3.1/src/paintings/arrow.cpp
Examining data/caneda-0.3.1/src/paintings/arrow.h
Examining data/caneda-0.3.1/src/paintings/ellipse.cpp
Examining data/caneda-0.3.1/src/paintings/ellipse.h
Examining data/caneda-0.3.1/src/paintings/ellipsearc.cpp
Examining data/caneda-0.3.1/src/paintings/ellipsearc.h
Examining data/caneda-0.3.1/src/paintings/graphicline.cpp
Examining data/caneda-0.3.1/src/paintings/graphicline.h
Examining data/caneda-0.3.1/src/paintings/graphictext.cpp
Examining data/caneda-0.3.1/src/paintings/graphictext.h
Examining data/caneda-0.3.1/src/paintings/graphictextdialog.cpp
Examining data/caneda-0.3.1/src/paintings/graphictextdialog.h
Examining data/caneda-0.3.1/src/paintings/layer.cpp
Examining data/caneda-0.3.1/src/paintings/layer.h
Examining data/caneda-0.3.1/src/paintings/painting.cpp
Examining data/caneda-0.3.1/src/paintings/painting.h
Examining data/caneda-0.3.1/src/paintings/rectangle.cpp
Examining data/caneda-0.3.1/src/paintings/rectangle.h
Examining data/caneda-0.3.1/src/paintings/styledialog.cpp
Examining data/caneda-0.3.1/src/paintings/styledialog.h
Examining data/caneda-0.3.1/src/port.cpp
Examining data/caneda-0.3.1/src/port.h
Examining data/caneda-0.3.1/src/portsymbol.cpp
Examining data/caneda-0.3.1/src/portsymbol.h
Examining data/caneda-0.3.1/src/project.cpp
Examining data/caneda-0.3.1/src/project.h
Examining data/caneda-0.3.1/src/property.cpp
Examining data/caneda-0.3.1/src/property.h
Examining data/caneda-0.3.1/src/settings.cpp
Examining data/caneda-0.3.1/src/settings.h
Examining data/caneda-0.3.1/src/sidebarchartsbrowser.cpp
Examining data/caneda-0.3.1/src/sidebarchartsbrowser.h
Examining data/caneda-0.3.1/src/sidebaritemsbrowser.cpp
Examining data/caneda-0.3.1/src/sidebaritemsbrowser.h
Examining data/caneda-0.3.1/src/sidebartextbrowser.cpp
Examining data/caneda-0.3.1/src/sidebartextbrowser.h
Examining data/caneda-0.3.1/src/statehandler.cpp
Examining data/caneda-0.3.1/src/statehandler.h
Examining data/caneda-0.3.1/src/syntaxhighlighters.cpp
Examining data/caneda-0.3.1/src/syntaxhighlighters.h
Examining data/caneda-0.3.1/src/tabs.cpp
Examining data/caneda-0.3.1/src/tabs.h
Examining data/caneda-0.3.1/src/textedit.cpp
Examining data/caneda-0.3.1/src/textedit.h
Examining data/caneda-0.3.1/src/tools/gitmanager.cpp
Examining data/caneda-0.3.1/src/tools/gitmanager.h
Examining data/caneda-0.3.1/src/tools/quickinsert.cpp
Examining data/caneda-0.3.1/src/tools/quickinsert.h
Examining data/caneda-0.3.1/src/tools/quicklauncher.cpp
Examining data/caneda-0.3.1/src/tools/quicklauncher.h
Examining data/caneda-0.3.1/src/tools/quickopen.cpp
Examining data/caneda-0.3.1/src/tools/quickopen.h
Examining data/caneda-0.3.1/src/undocommands.cpp
Examining data/caneda-0.3.1/src/undocommands.h
Examining data/caneda-0.3.1/src/wire.cpp
Examining data/caneda-0.3.1/src/wire.h
Examining data/caneda-0.3.1/src/xmlutilities.cpp
Examining data/caneda-0.3.1/src/xmlutilities.h

FINAL RESULTS:

data/caneda-0.3.1/src/global.cpp:85:35:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        QString retVal = QLocale::system().name();
data/caneda-0.3.1/src/main.cpp:39:30:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    translator.load(QLocale::system(), "caneda", "_", Caneda::langDirectory(), ".qm");
data/caneda-0.3.1/src/dialogs/aboutdialog.cpp:47:24:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        else if(!file->open(QIODevice::ReadOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/documentviewmanager.cpp:167:52:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                    IDocument *document = context->open(fileName);
data/caneda-0.3.1/src/fileformats.cpp:77:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(!file.open(QIODevice::WriteOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/fileformats.cpp:107:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(!file.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/fileformats.cpp:529:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(!file.open(QIODevice::WriteOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/fileformats.cpp:554:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(!file.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/fileformats.cpp:1097:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(!file.open(QIODevice::WriteOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/fileformats.cpp:1127:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(!file.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/fileformats.cpp:1318:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(!file.open(QIODevice::WriteOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/fileformats.cpp:1727:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(!file.open(QIODevice::ReadOnly)) {
data/caneda-0.3.1/src/global.cpp:110:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char Mnemonic[16];
data/caneda-0.3.1/src/icontext.cpp:261:31:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    IDocument* LayoutContext::open(const QString &fileName,
data/caneda-0.3.1/src/icontext.cpp:384:34:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    IDocument* SchematicContext::open(const QString &fileName,
data/caneda-0.3.1/src/icontext.cpp:458:35:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    IDocument* SimulationContext::open(const QString &fileName,
data/caneda-0.3.1/src/icontext.cpp:551:31:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    IDocument* SymbolContext::open(const QString &fileName,
data/caneda-0.3.1/src/icontext.cpp:636:29:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    IDocument* TextContext::open(const QString& fileName, QString *errorMessage)
data/caneda-0.3.1/src/icontext.h:71:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        virtual IDocument* open(const QString& filename, QString *errorMessage = 0) = 0;
data/caneda-0.3.1/src/icontext.h:116:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        virtual IDocument* open(const QString &fileName, QString *errorMessage = 0);
data/caneda-0.3.1/src/icontext.h:161:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        virtual IDocument* open(const QString &fileName, QString *errorMessage = 0);
data/caneda-0.3.1/src/icontext.h:206:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        virtual IDocument* open(const QString &fileName, QString *errorMessage = 0);
data/caneda-0.3.1/src/icontext.h:250:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        virtual IDocument* open(const QString &fileName, QString *errorMessage = 0);
data/caneda-0.3.1/src/icontext.h:294:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        virtual IDocument* open(const QString& filename, QString *errorMessage = 0);
data/caneda-0.3.1/src/idocument.cpp:1762:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!file.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/idocument.cpp:1804:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!file.open(QIODevice::WriteOnly | QIODevice::Text)) {
data/caneda-0.3.1/src/library.cpp:73:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(file.open(QIODevice::ReadOnly)) {
data/caneda-0.3.1/src/mainwindow.cpp:154:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                open(str);
data/caneda-0.3.1/src/mainwindow.cpp:217:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    void MainWindow::open(QString fileName)
data/caneda-0.3.1/src/mainwindow.cpp:249:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        open(filename);
data/caneda-0.3.1/src/mainwindow.cpp:265:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            open(action->data().toString());
data/caneda-0.3.1/src/mainwindow.cpp:342:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            open(fileName); // The document was saved ok, now reopen the document to load text highlighting
data/caneda-0.3.1/src/mainwindow.cpp:752:73:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        connect(quickBrowser, SIGNAL(itemSelected(QString)), this, SLOT(open(QString)));
data/caneda-0.3.1/src/mainwindow.cpp:942:51:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        connect(action, SIGNAL(triggered()), SLOT(open()));
data/caneda-0.3.1/src/mainwindow.cpp:1617:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                SLOT(open(QString)));
data/caneda-0.3.1/src/mainwindow.cpp:1632:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                SLOT(open(QString)));
data/caneda-0.3.1/src/mainwindow.h:72:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        void open(QString fileName = QString());
data/caneda-0.3.1/src/project.cpp:251:53:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        QScopedPointer<IDocument> document(context->open(sourceFileName, &errorMessage));
data/caneda-0.3.1/src/sidebartextbrowser.cpp:117:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!file.open(QIODevice::ReadOnly | QIODevice::Text)) {

ANALYSIS SUMMARY:

Hits = 39
Lines analyzed = 31761 in approximately 0.89 seconds (35668 lines/second)
Physical Source Lines of Code (SLOC) = 17480
Hits@level = [0]   0 [1]   0 [2]  37 [3]   0 [4]   2 [5]   0
Hits@level+ = [0+]  39 [1+]  39 [2+]  39 [3+]   2 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 2.23112 [1+] 2.23112 [2+] 2.23112 [3+] 0.114416 [4+] 0.114416 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.