Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kalzium-20.08.3/libscience/elementparser.cpp
Examining data/kalzium-20.08.3/libscience/chemicaldataobject.h
Examining data/kalzium-20.08.3/libscience/spectrum.h
Examining data/kalzium-20.08.3/libscience/tests/isotopereadingtest.cpp
Examining data/kalzium-20.08.3/libscience/tests/xmlreadingtest.cpp
Examining data/kalzium-20.08.3/libscience/tests/spectrumreadingtests.cpp
Examining data/kalzium-20.08.3/libscience/psetables.h
Examining data/kalzium-20.08.3/libscience/spectrumparser.h
Examining data/kalzium-20.08.3/libscience/elementparser.h
Examining data/kalzium-20.08.3/libscience/isotope.cpp
Examining data/kalzium-20.08.3/libscience/parser.h
Examining data/kalzium-20.08.3/libscience/isotope.h
Examining data/kalzium-20.08.3/libscience/moleculeparser.h
Examining data/kalzium-20.08.3/libscience/psetables.cpp
Examining data/kalzium-20.08.3/libscience/libkdeedu_science_export.h
Examining data/kalzium-20.08.3/libscience/spectrum.cpp
Examining data/kalzium-20.08.3/libscience/isotopeparser.h
Examining data/kalzium-20.08.3/libscience/element.h
Examining data/kalzium-20.08.3/libscience/element.cpp
Examining data/kalzium-20.08.3/libscience/isotopeparser.cpp
Examining data/kalzium-20.08.3/libscience/spectrumparser.cpp
Examining data/kalzium-20.08.3/libscience/moleculeparser.cpp
Examining data/kalzium-20.08.3/libscience/chemicaldataobject.cpp
Examining data/kalzium-20.08.3/libscience/parser.cpp
Examining data/kalzium-20.08.3/plasmoid/engine/kalzium_engine.cpp
Examining data/kalzium-20.08.3/plasmoid/engine/kalzium_engine.h
Examining data/kalzium-20.08.3/plasmoid/applet/concentrationPlasmoid/concentrationCalculator.h
Examining data/kalzium-20.08.3/plasmoid/applet/concentrationPlasmoid/concentrationCalculator.cpp
Examining data/kalzium-20.08.3/plasmoid/applet/psePlasmoid/Molmasscalculator.cpp
Examining data/kalzium-20.08.3/plasmoid/applet/psePlasmoid/Periodictable.h
Examining data/kalzium-20.08.3/plasmoid/applet/psePlasmoid/Periodictable.cpp
Examining data/kalzium-20.08.3/plasmoid/applet/psePlasmoid/Molmasscalculator.h
Examining data/kalzium-20.08.3/plasmoid/applet/didyouknow/didyouknow.h
Examining data/kalzium-20.08.3/plasmoid/applet/didyouknow/didyouknow.cpp
Examining data/kalzium-20.08.3/plasmoid/applet/gasPlasmoid/gasCalculator.cpp
Examining data/kalzium-20.08.3/plasmoid/applet/gasPlasmoid/gasCalculator.h
Examining data/kalzium-20.08.3/plasmoid/applet/nuclearPlasmoid/kalziumdataobject.cpp
Examining data/kalzium-20.08.3/plasmoid/applet/nuclearPlasmoid/kalziumdataobject.h
Examining data/kalzium-20.08.3/plasmoid/applet/nuclearPlasmoid/nuclearCalculator.cpp
Examining data/kalzium-20.08.3/plasmoid/applet/nuclearPlasmoid/nuclearCalculator.h
Examining data/kalzium-20.08.3/plasmoid/applet/bodr/kalzium_plasma.h
Examining data/kalzium-20.08.3/plasmoid/applet/bodr/kalzium_plasma.cpp
Examining data/kalzium-20.08.3/compoundviewer/kalziumglpart.cpp
Examining data/kalzium-20.08.3/compoundviewer/kalziumglwidget.cpp
Examining data/kalzium-20.08.3/compoundviewer/kalziumglwidget.h
Examining data/kalzium-20.08.3/compoundviewer/iowrapper.cpp
Examining data/kalzium-20.08.3/compoundviewer/iowrapper.h
Examining data/kalzium-20.08.3/compoundviewer/libkdeedu_compoundviewer_export.h
Examining data/kalzium-20.08.3/compoundviewer/kalziumglpart.h
Examining data/kalzium-20.08.3/src/detailinfodlg.cpp
Examining data/kalzium-20.08.3/src/elementdataviewer.cpp
Examining data/kalzium-20.08.3/src/tableinfowidget.h
Examining data/kalzium-20.08.3/src/molcalcwidget.cpp
Examining data/kalzium-20.08.3/src/exportdialog.cpp
Examining data/kalzium-20.08.3/src/gradientwidget_impl.h
Examining data/kalzium-20.08.3/src/searchwidget.h
Examining data/kalzium-20.08.3/src/tableinfowidget.cpp
Examining data/kalzium-20.08.3/src/detailedQmlView.h
Examining data/kalzium-20.08.3/src/psetable/elementitem.h
Examining data/kalzium-20.08.3/src/psetable/periodictablestates.h
Examining data/kalzium-20.08.3/src/psetable/numerationitem.cpp
Examining data/kalzium-20.08.3/src/psetable/periodictablescene.h
Examining data/kalzium-20.08.3/src/psetable/elementitem.cpp
Examining data/kalzium-20.08.3/src/psetable/periodictableview.cpp
Examining data/kalzium-20.08.3/src/psetable/periodictableview.h
Examining data/kalzium-20.08.3/src/psetable/periodictablescene.cpp
Examining data/kalzium-20.08.3/src/psetable/periodictablestates.cpp
Examining data/kalzium-20.08.3/src/psetable/statemachine.h
Examining data/kalzium-20.08.3/src/psetable/statemachine.cpp
Examining data/kalzium-20.08.3/src/psetable/numerationitem.h
Examining data/kalzium-20.08.3/src/exportdialog.h
Examining data/kalzium-20.08.3/src/orbitswidget.h
Examining data/kalzium-20.08.3/src/calculator/calculator.cpp
Examining data/kalzium-20.08.3/src/calculator/concCalculator.h
Examining data/kalzium-20.08.3/src/calculator/nuclearCalculator.cpp
Examining data/kalzium-20.08.3/src/calculator/titrationCalculator.cpp
Examining data/kalzium-20.08.3/src/calculator/titrationCalculator.h
Examining data/kalzium-20.08.3/src/calculator/nuclearCalculator.h
Examining data/kalzium-20.08.3/src/calculator/concCalculator.cpp
Examining data/kalzium-20.08.3/src/calculator/calculator.h
Examining data/kalzium-20.08.3/src/calculator/gasCalculator.cpp
Examining data/kalzium-20.08.3/src/calculator/gasCalculator.h
Examining data/kalzium-20.08.3/src/kalziumutils.h
Examining data/kalzium-20.08.3/src/spectrumviewimpl.cpp
Examining data/kalzium-20.08.3/src/gradientwidget_impl.cpp
Examining data/kalzium-20.08.3/src/detailedQmlView.cpp
Examining data/kalzium-20.08.3/src/unitsettingsdialog.cpp
Examining data/kalzium-20.08.3/src/search.h
Examining data/kalzium-20.08.3/src/kalziumelementproperty.h
Examining data/kalzium-20.08.3/src/kalziumschemetype.cpp
Examining data/kalzium-20.08.3/src/kalziumnumerationtype.cpp
Examining data/kalzium-20.08.3/src/spectrumviewimpl.h
Examining data/kalzium-20.08.3/src/rsdialog.cpp
Examining data/kalzium-20.08.3/src/kalzium.h
Examining data/kalzium-20.08.3/src/kalziumgradienttype.h
Examining data/kalzium-20.08.3/src/kalziumdataobject.cpp
Examining data/kalzium-20.08.3/src/kalziumdataobject.h
Examining data/kalzium-20.08.3/src/molcalcwidget.h
Examining data/kalzium-20.08.3/src/tablesdialog.h
Examining data/kalzium-20.08.3/src/kalziumelementproperty.cpp
Examining data/kalzium-20.08.3/src/elementdataviewer.h
Examining data/kalzium-20.08.3/src/kalziumschemetype.h
Examining data/kalzium-20.08.3/src/kalzium.cpp
Examining data/kalzium-20.08.3/src/legendwidget.cpp
Examining data/kalzium-20.08.3/src/isotopetable/isotopescene.h
Examining data/kalzium-20.08.3/src/isotopetable/isotopeguideview.cpp
Examining data/kalzium-20.08.3/src/isotopetable/isotopeguideview.h
Examining data/kalzium-20.08.3/src/isotopetable/isotopetabledialog.h
Examining data/kalzium-20.08.3/src/isotopetable/isotopeview.h
Examining data/kalzium-20.08.3/src/isotopetable/informationitem.h
Examining data/kalzium-20.08.3/src/isotopetable/isotopetabledialog.cpp
Examining data/kalzium-20.08.3/src/isotopetable/isotopeitem.cpp
Examining data/kalzium-20.08.3/src/isotopetable/informationitem.cpp
Examining data/kalzium-20.08.3/src/isotopetable/isotopescene.cpp
Examining data/kalzium-20.08.3/src/isotopetable/isotopeview.cpp
Examining data/kalzium-20.08.3/src/isotopetable/isotopeitem.h
Examining data/kalzium-20.08.3/src/kalziumunitcombobox.cpp
Examining data/kalzium-20.08.3/src/kdeeduglossary.cpp
Examining data/kalzium-20.08.3/src/detailedgraphicaloverview.h
Examining data/kalzium-20.08.3/src/main.cpp
Examining data/kalzium-20.08.3/src/tools/obconverter.cpp
Examining data/kalzium-20.08.3/src/tools/obconverter.h
Examining data/kalzium-20.08.3/src/tools/moleculeview.h
Examining data/kalzium-20.08.3/src/tools/moleculewidgetplugin.h
Examining data/kalzium-20.08.3/src/tools/moleculeview.cpp
Examining data/kalzium-20.08.3/src/spectrumwidget.h
Examining data/kalzium-20.08.3/src/detailedgraphicaloverview.cpp
Examining data/kalzium-20.08.3/src/searchwidget.cpp
Examining data/kalzium-20.08.3/src/legendwidget.h
Examining data/kalzium-20.08.3/src/kdeeduglossary.h
Examining data/kalzium-20.08.3/src/orbitswidget.cpp
Examining data/kalzium-20.08.3/src/detailinfodlg.h
Examining data/kalzium-20.08.3/src/kalziumutils.cpp
Examining data/kalzium-20.08.3/src/rsdialog.h
Examining data/kalzium-20.08.3/src/kalziumunitcombobox.h
Examining data/kalzium-20.08.3/src/eqchemview.h
Examining data/kalzium-20.08.3/src/search.cpp
Examining data/kalzium-20.08.3/src/solver/main.c
Examining data/kalzium-20.08.3/src/solver/modwrap.c
Examining data/kalzium-20.08.3/src/kalziumnumerationtype.h
Examining data/kalzium-20.08.3/src/unitsettingsdialog.h
Examining data/kalzium-20.08.3/src/spectrumwidget.cpp
Examining data/kalzium-20.08.3/src/tablesdialog.cpp
Examining data/kalzium-20.08.3/src/eqchemview.cpp
Examining data/kalzium-20.08.3/src/kalziumgradienttype.cpp

FINAL RESULTS:

data/kalzium-20.08.3/src/calculator/titrationCalculator.cpp:105:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(yvalue,yvaluen);
data/kalzium-20.08.3/libscience/moleculeparser.cpp:378:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(!file.open(QIODevice::ReadOnly | QIODevice::Text))) {
data/kalzium-20.08.3/libscience/moleculeparser.cpp:406:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(!file2.open(QIODevice::ReadOnly | QIODevice::Text))) {
data/kalzium-20.08.3/src/calculator/titrationCalculator.cpp:68:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    connect(uid.open, &QAbstractButton::clicked,this, &titrationCalculator::on_actionOpen_triggered);
data/kalzium-20.08.3/src/calculator/titrationCalculator.cpp:95:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char yvalue[80];
data/kalzium-20.08.3/src/exportdialog.cpp:176:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!outputFile.open(QIODevice::WriteOnly)) {
data/kalzium-20.08.3/src/kalzium.cpp:583:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!file.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/kalzium-20.08.3/src/kdeeduglossary.cpp:168:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!layoutFile.open(QIODevice::ReadOnly)) {
data/kalzium-20.08.3/src/molcalcwidget.cpp:78:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!(!file.open(QIODevice::ReadOnly | QIODevice::Text))) {
data/kalzium-20.08.3/src/molcalcwidget.cpp:115:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!(!file2.open(QIODevice::ReadOnly | QIODevice::Text))) {
data/kalzium-20.08.3/src/molcalcwidget.cpp:313:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(!file.open(QIODevice::WriteOnly| QIODevice::Append | QIODevice::Text))) {
data/kalzium-20.08.3/compoundviewer/iowrapper.cpp:51:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (!format->read(inFileStream, *mol)) {
data/kalzium-20.08.3/src/calculator/titrationCalculator.cpp:272:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (int i = 0; strlen(yvalue) + 1; ++i) {
data/kalzium-20.08.3/src/calculator/titrationCalculator.cpp:334:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (int i = 0; strlen(yvalue) + 1; ++i) {

ANALYSIS SUMMARY:

Hits = 14
Lines analyzed = 29821 in approximately 0.93 seconds (32140 lines/second)
Physical Source Lines of Code (SLOC) = 19004
Hits@level = [0]   3 [1]   3 [2]  10 [3]   0 [4]   1 [5]   0
Hits@level+ = [0+]  17 [1+]  14 [2+]  11 [3+]   1 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 0.894549 [1+] 0.736687 [2+] 0.578826 [3+] 0.0526205 [4+] 0.0526205 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.