Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/collatinus-11/src/mainwindow.h
Examining data/collatinus-11/src/lemme.h
Examining data/collatinus-11/src/lemme.cpp
Examining data/collatinus-11/src/maj.h
Examining data/collatinus-11/src/lemmatiseur.h
Examining data/collatinus-11/src/lewis.h
Examining data/collatinus-11/src/scandeur.cpp
Examining data/collatinus-11/src/modele.cpp
Examining data/collatinus-11/src/flexion.cpp
Examining data/collatinus-11/src/irregs.h
Examining data/collatinus-11/src/ch.h
Examining data/collatinus-11/src/frequences.cpp
Examining data/collatinus-11/src/ch.cpp
Examining data/collatinus-11/src/flexion.h
Examining data/collatinus-11/src/irregs.cpp
Examining data/collatinus-11/src/modele.h
Examining data/collatinus-11/src/lemmatiseur.cpp
Examining data/collatinus-11/src/lewis.cpp
Examining data/collatinus-11/src/mainwindow.cpp
Examining data/collatinus-11/src/maj.cpp
Examining data/collatinus-11/src/main.cpp
FINAL RESULTS:
data/collatinus-11/src/lemmatiseur.cpp:69:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open (QFile::ReadOnly);
data/collatinus-11/src/lemmatiseur.cpp:92:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fAssims.open (QFile::ReadOnly);
data/collatinus-11/src/lemmatiseur.cpp:116:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fContractions.open (QFile::ReadOnly);
data/collatinus-11/src/lemmatiseur.cpp:652:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fichier.open (QFile::ReadOnly);
data/collatinus-11/src/lemmatiseur.cpp:690:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
firr.open (QFile::ReadOnly);
data/collatinus-11/src/lemmatiseur.cpp:718:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
flem.open (QFile::ReadOnly);
data/collatinus-11/src/lemmatiseur.cpp:739:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fm.open (QFile::ReadOnly);
data/collatinus-11/src/lemmatiseur.cpp:772:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpp.open (QFile::ReadOnly);
data/collatinus-11/src/lemmatiseur.cpp:807:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fl.open (QFile::ReadOnly);
data/collatinus-11/src/lewis.cpp:103:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fz.open (QFile::ReadOnly);
data/collatinus-11/src/lewis.cpp:146:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!f.open (QIODevice::ReadOnly | QIODevice::Text))
data/collatinus-11/src/lewis.cpp:267:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fi.open(QFile::ReadOnly | QFile::Text))
data/collatinus-11/src/mainwindow.cpp:135:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
styleFile.open (QFile::ReadOnly);
data/collatinus-11/src/mainwindow.cpp:450:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QFile::ReadOnly | QFile::Text))
data/collatinus-11/src/maj.cpp:94:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fcol.open (QFile::ReadOnly);
data/collatinus-11/src/maj.cpp:96:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fcz.open(QFile::WriteOnly))
data/collatinus-11/src/maj.cpp:107:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fidx.open(QFile::WriteOnly);
data/collatinus-11/src/maj.cpp:109:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fcfg.open(QFile::WriteOnly);
data/collatinus-11/src/lewis.cpp:105:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray ba = fz.read(taille);
data/collatinus-11/src/maj.cpp:121:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fcz.write(fcol.read(aidx));
data/collatinus-11/src/maj.cpp:123:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fidx.write(qUncompress(fcol.read(acfg-fcol.pos())));
data/collatinus-11/src/maj.cpp:125:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fcfg.write(qUncompress(fcol.read(tcfg)));
ANALYSIS SUMMARY:
Hits = 22
Lines analyzed = 6442 in approximately 0.27 seconds (24129 lines/second)
Physical Source Lines of Code (SLOC) = 4145
Hits@level = [0] 0 [1] 4 [2] 18 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 22 [1+] 22 [2+] 18 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 5.3076 [1+] 5.3076 [2+] 4.34258 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.