Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/charmtimetracker-1.12.0/Charm/ApplicationCore.cpp
Examining data/charmtimetracker-1.12.0/Charm/ApplicationCore.h
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmCommandInterface.cpp
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmCommandInterface.h
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmCommandProtocol.h
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmCommandServer.cpp
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmCommandServer.h
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmCommandSession.cpp
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmCommandSession.h
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmLocalCommandServer.cpp
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmLocalCommandServer.h
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmTCPCommandServer.cpp
Examining data/charmtimetracker-1.12.0/Charm/CI/CharmTCPCommandServer.h
Examining data/charmtimetracker-1.12.0/Charm/Charm.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandAddTask.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandAddTask.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandDeleteEvent.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandDeleteEvent.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandDeleteTask.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandDeleteTask.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandExportToXml.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandExportToXml.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandImportFromXml.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandImportFromXml.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandMakeAndActivateEvent.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandMakeAndActivateEvent.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandMakeEvent.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandMakeEvent.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandModifyEvent.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandModifyEvent.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandModifyTask.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandModifyTask.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandRelayCommand.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandRelayCommand.h
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandSetAllTasks.cpp
Examining data/charmtimetracker-1.12.0/Charm/Commands/CommandSetAllTasks.h
Examining data/charmtimetracker-1.12.0/Charm/Data.cpp
Examining data/charmtimetracker-1.12.0/Charm/Data.h
Examining data/charmtimetracker-1.12.0/Charm/EventModelAdapter.cpp
Examining data/charmtimetracker-1.12.0/Charm/EventModelAdapter.h
Examining data/charmtimetracker-1.12.0/Charm/EventModelFilter.cpp
Examining data/charmtimetracker-1.12.0/Charm/EventModelFilter.h
Examining data/charmtimetracker-1.12.0/Charm/GUIState.cpp
Examining data/charmtimetracker-1.12.0/Charm/GUIState.h
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/CheckForUpdatesJob.cpp
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/CheckForUpdatesJob.h
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/GetProjectCodesJob.cpp
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/GetProjectCodesJob.h
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/HttpJob.cpp
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/HttpJob.h
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/RestJob.cpp
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/RestJob.h
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/UploadTimesheetJob.cpp
Examining data/charmtimetracker-1.12.0/Charm/HttpClient/UploadTimesheetJob.h
Examining data/charmtimetracker-1.12.0/Charm/Idle/IdleDetector.cpp
Examining data/charmtimetracker-1.12.0/Charm/Idle/IdleDetector.h
Examining data/charmtimetracker-1.12.0/Charm/Idle/MacIdleDetector.h
Examining data/charmtimetracker-1.12.0/Charm/Idle/WindowsIdleDetector.cpp
Examining data/charmtimetracker-1.12.0/Charm/Idle/WindowsIdleDetector.h
Examining data/charmtimetracker-1.12.0/Charm/Idle/X11IdleDetector.cpp
Examining data/charmtimetracker-1.12.0/Charm/Idle/X11IdleDetector.h
Examining data/charmtimetracker-1.12.0/Charm/Lotsofcake/Configuration.cpp
Examining data/charmtimetracker-1.12.0/Charm/Lotsofcake/Configuration.h
Examining data/charmtimetracker-1.12.0/Charm/MacApplicationCore.h
Examining data/charmtimetracker-1.12.0/Charm/ModelConnector.cpp
Examining data/charmtimetracker-1.12.0/Charm/ModelConnector.h
Examining data/charmtimetracker-1.12.0/Charm/QtQuick/Charm.cpp
Examining data/charmtimetracker-1.12.0/Charm/Reports/MonthlyTimesheetXmlWriter.cpp
Examining data/charmtimetracker-1.12.0/Charm/Reports/MonthlyTimesheetXmlWriter.h
Examining data/charmtimetracker-1.12.0/Charm/Reports/TimesheetInfo.cpp
Examining data/charmtimetracker-1.12.0/Charm/Reports/TimesheetInfo.h
Examining data/charmtimetracker-1.12.0/Charm/Reports/TimesheetXmlWriter.cpp
Examining data/charmtimetracker-1.12.0/Charm/Reports/TimesheetXmlWriter.h
Examining data/charmtimetracker-1.12.0/Charm/Reports/WeeklyTimesheetXmlWriter.cpp
Examining data/charmtimetracker-1.12.0/Charm/Reports/WeeklyTimesheetXmlWriter.h
Examining data/charmtimetracker-1.12.0/Charm/TaskModelAdapter.cpp
Examining data/charmtimetracker-1.12.0/Charm/TaskModelAdapter.h
Examining data/charmtimetracker-1.12.0/Charm/TemporaryValue.h
Examining data/charmtimetracker-1.12.0/Charm/UndoCharmCommandWrapper.cpp
Examining data/charmtimetracker-1.12.0/Charm/UndoCharmCommandWrapper.h
Examining data/charmtimetracker-1.12.0/Charm/ViewFilter.cpp
Examining data/charmtimetracker-1.12.0/Charm/ViewFilter.h
Examining data/charmtimetracker-1.12.0/Charm/ViewHelpers.cpp
Examining data/charmtimetracker-1.12.0/Charm/ViewHelpers.h
Examining data/charmtimetracker-1.12.0/Charm/WeeklySummary.cpp
Examining data/charmtimetracker-1.12.0/Charm/WeeklySummary.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ActivityReport.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ActivityReport.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/BillDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/BillDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CharmAboutDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CharmAboutDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CharmNewReleaseDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CharmNewReleaseDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CharmPreferences.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CharmPreferences.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CharmWindow.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CharmWindow.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CommentEditorPopup.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/CommentEditorPopup.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ConfigurationDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ConfigurationDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/DateEntrySyncer.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/DateEntrySyncer.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/EnterVacationDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/EnterVacationDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/EventEditor.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/EventEditor.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/EventEditorDelegate.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/EventEditorDelegate.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/EventView.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/EventView.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ExpandStatesHelper.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ExpandStatesHelper.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/FindAndReplaceEventsDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/FindAndReplaceEventsDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/HttpJobProgressDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/HttpJobProgressDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/IdleCorrectionDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/IdleCorrectionDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/MakeTemporarilyVisible.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/MessageBox.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/MessageBox.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/MonthlyTimesheet.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/MonthlyTimesheet.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/MonthlyTimesheetConfigurationDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/MonthlyTimesheetConfigurationDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/NotificationPopup.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/NotificationPopup.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ReportConfigurationDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ReportConfigurationDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ReportPreviewWindow.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/ReportPreviewWindow.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/SelectTaskDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/SelectTaskDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TaskEditor.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TaskEditor.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TaskIdDialog.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TaskIdDialog.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TasksView.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TasksView.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TasksViewDelegate.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TasksViewDelegate.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingTaskSelector.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingTaskSelector.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingView.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingView.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingWindow.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingWindow.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/Timesheet.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/Timesheet.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TrayIcon.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/TrayIcon.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/WeeklyTimesheet.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/WeeklyTimesheet.h
Examining data/charmtimetracker-1.12.0/Charm/Widgets/WidgetUtils.cpp
Examining data/charmtimetracker-1.12.0/Charm/Widgets/WidgetUtils.h
Examining data/charmtimetracker-1.12.0/Core/CharmCommand.cpp
Examining data/charmtimetracker-1.12.0/Core/CharmCommand.h
Examining data/charmtimetracker-1.12.0/Core/CharmConstants.cpp
Examining data/charmtimetracker-1.12.0/Core/CharmConstants.h
Examining data/charmtimetracker-1.12.0/Core/CharmDataModel.cpp
Examining data/charmtimetracker-1.12.0/Core/CharmDataModel.h
Examining data/charmtimetracker-1.12.0/Core/CharmDataModelAdapterInterface.h
Examining data/charmtimetracker-1.12.0/Core/CharmExceptions.cpp
Examining data/charmtimetracker-1.12.0/Core/CharmExceptions.h
Examining data/charmtimetracker-1.12.0/Core/CharmQtCompat.cpp
Examining data/charmtimetracker-1.12.0/Core/CharmQtCompat.h
Examining data/charmtimetracker-1.12.0/Core/CommandEmitterInterface.h
Examining data/charmtimetracker-1.12.0/Core/Configuration.cpp
Examining data/charmtimetracker-1.12.0/Core/Configuration.h
Examining data/charmtimetracker-1.12.0/Core/Controller.cpp
Examining data/charmtimetracker-1.12.0/Core/Controller.h
Examining data/charmtimetracker-1.12.0/Core/Dates.cpp
Examining data/charmtimetracker-1.12.0/Core/Dates.h
Examining data/charmtimetracker-1.12.0/Core/Event.cpp
Examining data/charmtimetracker-1.12.0/Core/Event.h
Examining data/charmtimetracker-1.12.0/Core/EventModelInterface.h
Examining data/charmtimetracker-1.12.0/Core/MySqlStorage.cpp
Examining data/charmtimetracker-1.12.0/Core/MySqlStorage.h
Examining data/charmtimetracker-1.12.0/Core/SmartNameCache.cpp
Examining data/charmtimetracker-1.12.0/Core/SmartNameCache.h
Examining data/charmtimetracker-1.12.0/Core/SqLiteStorage.cpp
Examining data/charmtimetracker-1.12.0/Core/SqLiteStorage.h
Examining data/charmtimetracker-1.12.0/Core/SqlRaiiTransactor.cpp
Examining data/charmtimetracker-1.12.0/Core/SqlRaiiTransactor.h
Examining data/charmtimetracker-1.12.0/Core/SqlStorage.cpp
Examining data/charmtimetracker-1.12.0/Core/SqlStorage.h
Examining data/charmtimetracker-1.12.0/Core/State.cpp
Examining data/charmtimetracker-1.12.0/Core/State.h
Examining data/charmtimetracker-1.12.0/Core/Task.cpp
Examining data/charmtimetracker-1.12.0/Core/Task.h
Examining data/charmtimetracker-1.12.0/Core/TaskListMerger.cpp
Examining data/charmtimetracker-1.12.0/Core/TaskListMerger.h
Examining data/charmtimetracker-1.12.0/Core/TaskModelInterface.h
Examining data/charmtimetracker-1.12.0/Core/TaskTreeItem.cpp
Examining data/charmtimetracker-1.12.0/Core/TaskTreeItem.h
Examining data/charmtimetracker-1.12.0/Core/TimeSpans.cpp
Examining data/charmtimetracker-1.12.0/Core/TimeSpans.h
Examining data/charmtimetracker-1.12.0/Core/UIStateInterface.h
Examining data/charmtimetracker-1.12.0/Core/User.h
Examining data/charmtimetracker-1.12.0/Core/XmlSerialization.cpp
Examining data/charmtimetracker-1.12.0/Core/XmlSerialization.h
Examining data/charmtimetracker-1.12.0/Tests/BackendIntegrationTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/BackendIntegrationTests.h
Examining data/charmtimetracker-1.12.0/Tests/CharmDataModelTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/CharmDataModelTests.h
Examining data/charmtimetracker-1.12.0/Tests/ControllerTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/ControllerTests.h
Examining data/charmtimetracker-1.12.0/Tests/DatesTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/DatesTests.h
Examining data/charmtimetracker-1.12.0/Tests/EventModelFilterTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/EventModelFilterTests.h
Examining data/charmtimetracker-1.12.0/Tests/ImportExportTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/ImportExportTests.h
Examining data/charmtimetracker-1.12.0/Tests/SmartNameCacheTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/SmartNameCacheTests.h
Examining data/charmtimetracker-1.12.0/Tests/SqLiteStorageTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/SqLiteStorageTests.h
Examining data/charmtimetracker-1.12.0/Tests/SqlTransactionTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/SqlTransactionTests.h
Examining data/charmtimetracker-1.12.0/Tests/TaskStructureTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/TaskStructureTests.h
Examining data/charmtimetracker-1.12.0/Tests/TestApplication.cpp
Examining data/charmtimetracker-1.12.0/Tests/TestApplication.h
Examining data/charmtimetracker-1.12.0/Tests/TestHelpers.h
Examining data/charmtimetracker-1.12.0/Tests/TimeSheetProcessorTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/TimeSheetProcessorTests.h
Examining data/charmtimetracker-1.12.0/Tests/TimeSpanTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/TimeSpanTests.h
Examining data/charmtimetracker-1.12.0/Tests/UpdateCheckerTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/UpdateCheckerTests.h
Examining data/charmtimetracker-1.12.0/Tests/XmlSerializationTests.cpp
Examining data/charmtimetracker-1.12.0/Tests/XmlSerializationTests.h
Examining data/charmtimetracker-1.12.0/Tools/Anonymizer/Anonymizer.cpp
Examining data/charmtimetracker-1.12.0/Tools/TimesheetGenerator/Exceptions.h
Examining data/charmtimetracker-1.12.0/Tools/TimesheetGenerator/Options.cpp
Examining data/charmtimetracker-1.12.0/Tools/TimesheetGenerator/Options.h
Examining data/charmtimetracker-1.12.0/Tools/TimesheetGenerator/main.cpp
Examining data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/CommandLine.cpp
Examining data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/CommandLine.h
Examining data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/Database.cpp
Examining data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/Database.h
Examining data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/Exceptions.h
Examining data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/Operations.cpp
Examining data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/Operations.h
Examining data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/main.cpp
FINAL RESULTS:
data/charmtimetracker-1.12.0/Charm/CI/CharmCommandInterface.cpp:33:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#error Build system error: CHARM_CI_SUPPORT should be defined
data/charmtimetracker-1.12.0/Charm/CI/CharmCommandServer.cpp:31:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#error Build system error: CHARM_CI_SUPPORT should be defined
data/charmtimetracker-1.12.0/Charm/CI/CharmCommandSession.cpp:38:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#error Build system error: CHARM_CI_SUPPORT should be defined
data/charmtimetracker-1.12.0/Charm/CI/CharmLocalCommandServer.cpp:35:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#error Build system error: CHARM_CI_LOCALSERVER should be defined
data/charmtimetracker-1.12.0/Charm/CI/CharmTCPCommandServer.cpp:36:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#error Build system error: CHARM_CI_TCPSERVER should be defined
data/charmtimetracker-1.12.0/Charm/Widgets/EventView.cpp:279:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(startDate, QLocale::ShortFormat),
data/charmtimetracker-1.12.0/Charm/Widgets/EventView.cpp:280:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(startTime, QLocale::ShortFormat),
data/charmtimetracker-1.12.0/Charm/Widgets/EventView.cpp:281:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(endTime, QLocale::ShortFormat),
data/charmtimetracker-1.12.0/Charm/Widgets/EventView.cpp:287:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(startDate, QLocale::ShortFormat),
data/charmtimetracker-1.12.0/Charm/Widgets/EventView.cpp:288:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(startTime, QLocale::ShortFormat),
data/charmtimetracker-1.12.0/Charm/Widgets/EventView.cpp:289:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(endDate, QLocale::ShortFormat),
data/charmtimetracker-1.12.0/Charm/Widgets/EventView.cpp:290:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(endTime, QLocale::ShortFormat),
data/charmtimetracker-1.12.0/Charm/Widgets/SelectTaskDialog.cpp:168:49: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const QString expirationDate = QLocale::system().toString(
data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingTaskSelector.cpp:211:49: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const QString expirationDate = QLocale::system().toString(task.validUntil().date(), QLocale::ShortFormat);
data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingView.cpp:425:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QString expirationDate = QLocale::system().toString(task.validUntil(), QLocale::ShortFormat);
data/charmtimetracker-1.12.0/Core/CharmConstants.cpp:102:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const QString s = QLocale::system().toString(d, 'f', 2);
data/charmtimetracker-1.12.0/Tools/TimesheetGenerator/Options.cpp:44:18: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "vhf:d:")) != -1)
data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/CommandLine.cpp:43:18: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "vhza:x:c:ri:u:m:")) != -1)
data/charmtimetracker-1.12.0/Charm/CI/CharmCommandSession.cpp:205:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer.open(QIODevice::ReadOnly);
data/charmtimetracker-1.12.0/Charm/CI/CharmCommandSession.cpp:226:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer.open(QIODevice::ReadOnly);
data/charmtimetracker-1.12.0/Charm/Commands/CommandExportToXml.cpp:54:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly)) {
data/charmtimetracker-1.12.0/Charm/Commands/CommandImportFromXml.cpp:49:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::ReadOnly)) {
data/charmtimetracker-1.12.0/Charm/HttpClient/CheckForUpdatesJob.cpp:94:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer.open(QIODevice::ReadOnly);
data/charmtimetracker-1.12.0/Charm/ViewHelpers.cpp:168:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (stylesheet.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingWindow.cpp:347:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_activityReportDialog->open();
data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingWindow.cpp:362:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_weeklyTimesheetDialog->open();
data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingWindow.cpp:377:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_monthlyTimesheetDialog->open();
data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingWindow.cpp:517:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer.open(QIODevice::ReadOnly);
data/charmtimetracker-1.12.0/Charm/Widgets/TimeTrackingWindow.cpp:582:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_weeklyTimesheetDialog->open();
data/charmtimetracker-1.12.0/Charm/Widgets/Timesheet.cpp:74:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly)) {
data/charmtimetracker-1.12.0/Charm/Widgets/Timesheet.cpp:90:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::WriteOnly)) {
data/charmtimetracker-1.12.0/Core/MySqlStorage.cpp:117:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Q_ASSERT_X(database().open(), Q_FUNC_INFO,
data/charmtimetracker-1.12.0/Core/SqLiteStorage.cpp:138:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Q_ASSERT_X(database().open(), Q_FUNC_INFO,
data/charmtimetracker-1.12.0/Core/SqLiteStorage.cpp:214:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!m_database.open()) {
data/charmtimetracker-1.12.0/Core/State.h:43:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *StateNames[NumberOfCharmApplicationStates];
data/charmtimetracker-1.12.0/Core/XmlSerialization.cpp:136:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly)) {
data/charmtimetracker-1.12.0/Core/XmlSerialization.cpp:152:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/charmtimetracker-1.12.0/Tests/ImportExportTests.cpp:58:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(outfile.open(QIODevice::ReadWrite));
data/charmtimetracker-1.12.0/Tests/ImportExportTests.cpp:106:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(outfile.open(QIODevice::ReadWrite));
data/charmtimetracker-1.12.0/Tests/ImportExportTests.cpp:120:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(file.open(QIODevice::ReadOnly));
data/charmtimetracker-1.12.0/Tests/SqlTransactionTests.cpp:69:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(storage.database().open());
data/charmtimetracker-1.12.0/Tests/SqlTransactionTests.cpp:93:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(storage.database().open());
data/charmtimetracker-1.12.0/Tests/SqlTransactionTests.cpp:117:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(storage.database().open());
data/charmtimetracker-1.12.0/Tests/TestHelpers.h:49:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/charmtimetracker-1.12.0/Tests/TimeSheetProcessorTests.cpp:60:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(storage.database().open());
data/charmtimetracker-1.12.0/Tests/TimeSheetProcessorTests.cpp:89:38: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QVERIFY(storageRemove.database().open());
data/charmtimetracker-1.12.0/Tools/TimesheetGenerator/main.cpp:50:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/charmtimetracker-1.12.0/Tools/TimesheetGenerator/main.cpp:134:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly)) {
data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/Database.cpp:106:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool ok = m_storage.database().open();
data/charmtimetracker-1.12.0/Tools/TimesheetProcessor/Operations.cpp:80:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly)) {
ANALYSIS SUMMARY:
Hits = 50
Lines analyzed = 29810 in approximately 0.75 seconds (39771 lines/second)
Physical Source Lines of Code (SLOC) = 19176
Hits@level = [0] 0 [1] 0 [2] 32 [3] 2 [4] 16 [5] 0
Hits@level+ = [0+] 50 [1+] 50 [2+] 50 [3+] 18 [4+] 16 [5+] 0
Hits/KSLOC@level+ = [0+] 2.60743 [1+] 2.60743 [2+] 2.60743 [3+] 0.938673 [4+] 0.834376 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.