Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/kate-20.08.3/kate/katetabbar.h Examining data/kate-20.08.3/kate/katedebug.h Examining data/kate-20.08.3/kate/katemainwindow.cpp Examining data/kate-20.08.3/kate/katefileactions.h Examining data/kate-20.08.3/kate/session/katesessionmanager.h Examining data/kate-20.08.3/kate/session/katesessionmanagedialog.h Examining data/kate-20.08.3/kate/session/katesession.cpp Examining data/kate-20.08.3/kate/session/katesessionmanager.cpp Examining data/kate-20.08.3/kate/session/katesession.h Examining data/kate-20.08.3/kate/session/katesessionchooseritem.h Examining data/kate-20.08.3/kate/session/katesessionsaction.h Examining data/kate-20.08.3/kate/session/katesessionmanagedialog.cpp Examining data/kate-20.08.3/kate/session/katesessionsaction.cpp Examining data/kate-20.08.3/kate/katequickopen.cpp Examining data/kate-20.08.3/kate/kateconfigdialog.cpp Examining data/kate-20.08.3/kate/katesavemodifieddialog.cpp Examining data/kate-20.08.3/kate/autotests/sessions_action_test.cpp Examining data/kate-20.08.3/kate/autotests/session_test.h Examining data/kate-20.08.3/kate/autotests/session_manager_test.h Examining data/kate-20.08.3/kate/autotests/session_manager_test.cpp Examining data/kate-20.08.3/kate/autotests/session_test.cpp Examining data/kate-20.08.3/kate/autotests/sessions_action_test.h Examining data/kate-20.08.3/kate/katedocmanager.h Examining data/kate-20.08.3/kate/kateviewmanager.cpp Examining data/kate-20.08.3/kate/katewaiter.cpp Examining data/kate-20.08.3/kate/katefileactions.cpp Examining data/kate-20.08.3/kate/kateapp.cpp Examining data/kate-20.08.3/kate/katecolorschemechooser.h Examining data/kate-20.08.3/kate/katewaiter.h Examining data/kate-20.08.3/kate/katepluginmanager.h Examining data/kate-20.08.3/kate/katemainwindow.h Examining data/kate-20.08.3/kate/katerunninginstanceinfo.cpp Examining data/kate-20.08.3/kate/kateapp.h Examining data/kate-20.08.3/kate/katepluginmanager.cpp Examining data/kate-20.08.3/kate/kateappadaptor.cpp Examining data/kate-20.08.3/kate/katedocmanager.cpp Examining data/kate-20.08.3/kate/kateupdatedisabler.h Examining data/kate-20.08.3/kate/katetabbar.cpp Examining data/kate-20.08.3/kate/katemwmodonhddialog.h Examining data/kate-20.08.3/kate/katemwmodonhddialog.cpp Examining data/kate-20.08.3/kate/kateconfigdialog.h Examining data/kate-20.08.3/kate/kateviewspace.cpp Examining data/kate-20.08.3/kate/qtsingleapplication/qtlockedfile_win.cpp Examining data/kate-20.08.3/kate/qtsingleapplication/qtlockedfile_unix.cpp Examining data/kate-20.08.3/kate/qtsingleapplication/qtlocalpeer.h Examining data/kate-20.08.3/kate/qtsingleapplication/qtlockedfile.h Examining data/kate-20.08.3/kate/qtsingleapplication/qtsingleapplication.cpp Examining data/kate-20.08.3/kate/qtsingleapplication/qtlocalpeer.cpp Examining data/kate-20.08.3/kate/qtsingleapplication/qtsingleapplication.h Examining data/kate-20.08.3/kate/qtsingleapplication/qtlockedfile.cpp Examining data/kate-20.08.3/kate/main.cpp Examining data/kate-20.08.3/kate/kateconfigplugindialogpage.cpp Examining data/kate-20.08.3/kate/katemdi.cpp Examining data/kate-20.08.3/kate/kateconfigplugindialogpage.h Examining data/kate-20.08.3/kate/kateappadaptor.h Examining data/kate-20.08.3/kate/katequickopenmodel.cpp Examining data/kate-20.08.3/kate/katerunninginstanceinfo.h Examining data/kate-20.08.3/kate/katesavemodifieddialog.h Examining data/kate-20.08.3/kate/katecolorschemechooser.cpp Examining data/kate-20.08.3/kate/kateviewspace.h Examining data/kate-20.08.3/kate/katequickopenmodel.h Examining data/kate-20.08.3/kate/katequickopen.h Examining data/kate-20.08.3/kate/kateviewmanager.h Examining data/kate-20.08.3/kate/katemdi.h Examining data/kate-20.08.3/addons/backtracebrowser/katebacktracebrowser.h Examining data/kate-20.08.3/addons/backtracebrowser/btfileindexer.cpp Examining data/kate-20.08.3/addons/backtracebrowser/autotests/btbrowsertest.h Examining data/kate-20.08.3/addons/backtracebrowser/autotests/btbrowsertest.cpp Examining data/kate-20.08.3/addons/backtracebrowser/btparser.h Examining data/kate-20.08.3/addons/backtracebrowser/btparser.cpp Examining data/kate-20.08.3/addons/backtracebrowser/btfileindexer.h Examining data/kate-20.08.3/addons/backtracebrowser/btdatabase.h Examining data/kate-20.08.3/addons/backtracebrowser/katebacktracebrowser.cpp Examining data/kate-20.08.3/addons/backtracebrowser/btdatabase.cpp Examining data/kate-20.08.3/addons/filetree/autotests/document_dummy.h Examining data/kate-20.08.3/addons/filetree/autotests/filetree_model_test.cpp Examining data/kate-20.08.3/addons/filetree/autotests/filetree_model_test.h Examining data/kate-20.08.3/addons/filetree/autotests/document_dummy.cpp Examining data/kate-20.08.3/addons/filetree/katefiletreemodel.cpp Examining data/kate-20.08.3/addons/filetree/katefiletreeplugin.h Examining data/kate-20.08.3/addons/filetree/katefiletreeproxymodel.h Examining data/kate-20.08.3/addons/filetree/katefiletreepluginsettings.h Examining data/kate-20.08.3/addons/filetree/katefiletree.h Examining data/kate-20.08.3/addons/filetree/katefiletreepluginsettings.cpp Examining data/kate-20.08.3/addons/filetree/katefiletreeconfigpage.cpp Examining data/kate-20.08.3/addons/filetree/katefiletreedebug.h Examining data/kate-20.08.3/addons/filetree/katefiletreeplugin.cpp Examining data/kate-20.08.3/addons/filetree/katefiletree.cpp Examining data/kate-20.08.3/addons/filetree/katefiletreemodel.h Examining data/kate-20.08.3/addons/filetree/katefiletreeconfigpage.h Examining data/kate-20.08.3/addons/filetree/katefiletreeproxymodel.cpp Examining data/kate-20.08.3/addons/lspclient/lspclienthover.h Examining data/kate-20.08.3/addons/lspclient/lspclientcompletion.h Examining data/kate-20.08.3/addons/lspclient/lspclienthover.cpp Examining data/kate-20.08.3/addons/lspclient/lspclientcompletion.cpp Examining data/kate-20.08.3/addons/lspclient/lspclientpluginview.h Examining data/kate-20.08.3/addons/lspclient/tests/lsptestapp.cpp Examining data/kate-20.08.3/addons/lspclient/lspclientpluginview.cpp Examining data/kate-20.08.3/addons/lspclient/lspclientprotocol.h Examining data/kate-20.08.3/addons/lspclient/lspclientplugin.cpp Examining data/kate-20.08.3/addons/lspclient/lspclientsymbolview.cpp Examining data/kate-20.08.3/addons/lspclient/lspclientsymbolview.h Examining data/kate-20.08.3/addons/lspclient/lspclientserver.h Examining data/kate-20.08.3/addons/lspclient/lspclientservermanager.cpp Examining data/kate-20.08.3/addons/lspclient/lspclientplugin.h Examining data/kate-20.08.3/addons/lspclient/lspclientconfigpage.cpp Examining data/kate-20.08.3/addons/lspclient/lspclientservermanager.h Examining data/kate-20.08.3/addons/lspclient/lspclientconfigpage.h Examining data/kate-20.08.3/addons/lspclient/lspclientserver.cpp Examining data/kate-20.08.3/addons/project/kateprojectinfoviewindex.h Examining data/kate-20.08.3/addons/project/kateprojectitem.cpp Examining data/kate-20.08.3/addons/project/kateprojectinfoviewcodeanalysis.h Examining data/kate-20.08.3/addons/project/autotests/test1.h Examining data/kate-20.08.3/addons/project/autotests/test1.cpp Examining data/kate-20.08.3/addons/project/kateprojectviewtree.cpp Examining data/kate-20.08.3/addons/project/kateprojectcompletion.cpp Examining data/kate-20.08.3/addons/project/kateproject.h Examining data/kate-20.08.3/addons/project/kateprojectworker.h Examining data/kate-20.08.3/addons/project/kateprojectinfoview.cpp Examining data/kate-20.08.3/addons/project/kateprojectinfoviewcodeanalysis.cpp Examining data/kate-20.08.3/addons/project/kateprojectplugin.h Examining data/kate-20.08.3/addons/project/kateprojectinfoviewnotes.h Examining data/kate-20.08.3/addons/project/kateprojectindex.cpp Examining data/kate-20.08.3/addons/project/kateprojectviewtree.h Examining data/kate-20.08.3/addons/project/kateprojectinfoviewterminal.h Examining data/kate-20.08.3/addons/project/kateprojectconfigpage.h Examining data/kate-20.08.3/addons/project/kateprojectplugin.cpp Examining data/kate-20.08.3/addons/project/kateprojectworker.cpp Examining data/kate-20.08.3/addons/project/kateprojectinfoviewindex.cpp Examining data/kate-20.08.3/addons/project/kateprojectindex.h Examining data/kate-20.08.3/addons/project/tools/kateprojectcodeanalysisselector.cpp Examining data/kate-20.08.3/addons/project/tools/kateprojectcodeanalysistoolcppcheck.h Examining data/kate-20.08.3/addons/project/tools/kateprojectcodeanalysistoolcppcheck.cpp Examining data/kate-20.08.3/addons/project/tools/kateprojectcodeanalysistoolshellcheck.cpp Examining data/kate-20.08.3/addons/project/tools/kateprojectcodeanalysistoolshellcheck.h Examining data/kate-20.08.3/addons/project/tools/kateprojectcodeanalysisselector.h Examining data/kate-20.08.3/addons/project/tools/kateprojectcodeanalysistoolflake8.cpp Examining data/kate-20.08.3/addons/project/tools/kateprojectcodeanalysistoolflake8.h Examining data/kate-20.08.3/addons/project/kateprojectinfoviewterminal.cpp Examining data/kate-20.08.3/addons/project/ctags/readtags.h Examining data/kate-20.08.3/addons/project/ctags/readtags.c Examining data/kate-20.08.3/addons/project/kateprojectinfoview.h Examining data/kate-20.08.3/addons/project/kateprojectview.h Examining data/kate-20.08.3/addons/project/kateprojectview.cpp Examining data/kate-20.08.3/addons/project/fileutil.cpp Examining data/kate-20.08.3/addons/project/kateprojectinfoviewnotes.cpp Examining data/kate-20.08.3/addons/project/kateprojectcompletion.h Examining data/kate-20.08.3/addons/project/kateproject.cpp Examining data/kate-20.08.3/addons/project/kateprojectcodeanalysistool.cpp Examining data/kate-20.08.3/addons/project/kateprojecttreeviewcontextmenu.cpp Examining data/kate-20.08.3/addons/project/kateprojectcodeanalysistool.h Examining data/kate-20.08.3/addons/project/kateprojectitem.h Examining data/kate-20.08.3/addons/project/kateprojecttreeviewcontextmenu.h Examining data/kate-20.08.3/addons/project/fileutil.h Examining data/kate-20.08.3/addons/project/kateprojectconfigpage.cpp Examining data/kate-20.08.3/addons/project/kateprojectpluginview.h Examining data/kate-20.08.3/addons/project/kateprojectpluginview.cpp Examining data/kate-20.08.3/addons/symbolviewer/python_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/xml_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/perl_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/cpp_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/php_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/plugin_katesymbolviewer.h Examining data/kate-20.08.3/addons/symbolviewer/plugin_katesymbolviewer.cpp Examining data/kate-20.08.3/addons/symbolviewer/ruby_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/fortran_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/xslt_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/tcl_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/testfile.c Examining data/kate-20.08.3/addons/symbolviewer/bash_parser.cpp Examining data/kate-20.08.3/addons/symbolviewer/ecma_parser.cpp Examining data/kate-20.08.3/addons/preview/previewwidget.cpp Examining data/kate-20.08.3/addons/preview/kpartview.cpp Examining data/kate-20.08.3/addons/preview/ktexteditorpreviewplugin.h Examining data/kate-20.08.3/addons/preview/ktexteditorpreviewview.h Examining data/kate-20.08.3/addons/preview/ktexteditorpreviewview.cpp Examining data/kate-20.08.3/addons/preview/ktexteditorpreviewplugin.cpp Examining data/kate-20.08.3/addons/preview/kpartview.h Examining data/kate-20.08.3/addons/preview/previewwidget.h Examining data/kate-20.08.3/addons/search/plugin_search.h Examining data/kate-20.08.3/addons/search/search_open_files.cpp Examining data/kate-20.08.3/addons/search/htmldelegate.h Examining data/kate-20.08.3/addons/search/replace_matches.cpp Examining data/kate-20.08.3/addons/search/SearchDiskFiles.cpp Examining data/kate-20.08.3/addons/search/FolderFilesList.cpp Examining data/kate-20.08.3/addons/search/KateSearchCommand.h Examining data/kate-20.08.3/addons/search/SearchDiskFiles.h Examining data/kate-20.08.3/addons/search/plugin_search.cpp Examining data/kate-20.08.3/addons/search/replace_matches.h Examining data/kate-20.08.3/addons/search/KateSearchCommand.cpp Examining data/kate-20.08.3/addons/search/FolderFilesList.h Examining data/kate-20.08.3/addons/search/htmldelegate.cpp Examining data/kate-20.08.3/addons/search/search_open_files.h Examining data/kate-20.08.3/addons/katesql/outputstylewidget.h Examining data/kate-20.08.3/addons/katesql/cachedsqlquerymodel.cpp Examining data/kate-20.08.3/addons/katesql/sqlmanager.h Examining data/kate-20.08.3/addons/katesql/katesqlconfigpage.h Examining data/kate-20.08.3/addons/katesql/katesqlview.cpp Examining data/kate-20.08.3/addons/katesql/outputwidget.cpp Examining data/kate-20.08.3/addons/katesql/dataoutputmodel.cpp Examining data/kate-20.08.3/addons/katesql/outputwidget.h Examining data/kate-20.08.3/addons/katesql/schemabrowserwidget.cpp Examining data/kate-20.08.3/addons/katesql/dataoutputwidget.cpp Examining data/kate-20.08.3/addons/katesql/dataoutputview.h Examining data/kate-20.08.3/addons/katesql/dataoutputwidget.h Examining data/kate-20.08.3/addons/katesql/cachedsqlquerymodel.h Examining data/kate-20.08.3/addons/katesql/dataoutputmodel.h Examining data/kate-20.08.3/addons/katesql/schemawidget.h Examining data/kate-20.08.3/addons/katesql/connectionmodel.cpp Examining data/kate-20.08.3/addons/katesql/katesqlplugin.cpp Examining data/kate-20.08.3/addons/katesql/connectionmodel.h Examining data/kate-20.08.3/addons/katesql/textoutputwidget.h Examining data/kate-20.08.3/addons/katesql/textoutputwidget.cpp Examining data/kate-20.08.3/addons/katesql/connectionwizard.cpp Examining data/kate-20.08.3/addons/katesql/katesqlconfigpage.cpp Examining data/kate-20.08.3/addons/katesql/connection.h Examining data/kate-20.08.3/addons/katesql/schemawidget.cpp Examining data/kate-20.08.3/addons/katesql/outputstylewidget.cpp Examining data/kate-20.08.3/addons/katesql/connectionwizard.h Examining data/kate-20.08.3/addons/katesql/dataoutputview.cpp Examining data/kate-20.08.3/addons/katesql/katesqlview.h Examining data/kate-20.08.3/addons/katesql/katesqlplugin.h Examining data/kate-20.08.3/addons/katesql/schemabrowserwidget.h Examining data/kate-20.08.3/addons/katesql/exportwizard.h Examining data/kate-20.08.3/addons/katesql/outputstyle.h Examining data/kate-20.08.3/addons/katesql/exportwizard.cpp Examining data/kate-20.08.3/addons/katesql/sqlmanager.cpp Examining data/kate-20.08.3/addons/externaltools/kateexternaltool.cpp Examining data/kate-20.08.3/addons/externaltools/externaltoolsplugin.h Examining data/kate-20.08.3/addons/externaltools/autotests/externaltooltest.h Examining data/kate-20.08.3/addons/externaltools/autotests/externaltooltest.cpp Examining data/kate-20.08.3/addons/externaltools/kateexternaltoolsview.cpp Examining data/kate-20.08.3/addons/externaltools/katetoolrunner.cpp Examining data/kate-20.08.3/addons/externaltools/kateexternaltoolscommand.h Examining data/kate-20.08.3/addons/externaltools/katetoolrunner.h Examining data/kate-20.08.3/addons/externaltools/externaltoolsplugin.cpp Examining data/kate-20.08.3/addons/externaltools/kateexternaltoolscommand.cpp Examining data/kate-20.08.3/addons/externaltools/kateexternaltoolsconfigwidget.h Examining data/kate-20.08.3/addons/externaltools/kateexternaltoolsconfigwidget.cpp Examining data/kate-20.08.3/addons/externaltools/kateexternaltoolsview.h Examining data/kate-20.08.3/addons/externaltools/kateexternaltool.h Examining data/kate-20.08.3/addons/xmlcheck/plugin_katexmlcheck.cpp Examining data/kate-20.08.3/addons/xmlcheck/plugin_katexmlcheck.h Examining data/kate-20.08.3/addons/sessionapplet/katesessionsjob.cpp Examining data/kate-20.08.3/addons/sessionapplet/katesessionsmodel.h Examining data/kate-20.08.3/addons/sessionapplet/katesessionsjob.h Examining data/kate-20.08.3/addons/sessionapplet/katesessionsengine.h Examining data/kate-20.08.3/addons/sessionapplet/katesessionsengine.cpp Examining data/kate-20.08.3/addons/sessionapplet/katesessionsmodel.cpp Examining data/kate-20.08.3/addons/sessionapplet/katesessionsservice.h Examining data/kate-20.08.3/addons/sessionapplet/katesessionsservice.cpp Examining data/kate-20.08.3/addons/tabswitcher/autotests/tabswitchertest.h Examining data/kate-20.08.3/addons/tabswitcher/autotests/tabswitchertest.cpp Examining data/kate-20.08.3/addons/tabswitcher/tests/tstestapp.h Examining data/kate-20.08.3/addons/tabswitcher/tests/tstestapp.cpp Examining data/kate-20.08.3/addons/tabswitcher/tabswitcherfilesmodel.cpp Examining data/kate-20.08.3/addons/tabswitcher/tabswitchertreeview.cpp Examining data/kate-20.08.3/addons/tabswitcher/tabswitcherfilesmodel.h Examining data/kate-20.08.3/addons/tabswitcher/tabswitchertreeview.h Examining data/kate-20.08.3/addons/tabswitcher/tabswitcher.h Examining data/kate-20.08.3/addons/tabswitcher/tabswitcher.cpp Examining data/kate-20.08.3/addons/openheader/plugin_kateopenheader.h Examining data/kate-20.08.3/addons/openheader/plugin_kateopenheader.cpp Examining data/kate-20.08.3/addons/gdbplugin/plugin_kategdb.h Examining data/kate-20.08.3/addons/gdbplugin/ioview.cpp Examining data/kate-20.08.3/addons/gdbplugin/configview.cpp Examining data/kate-20.08.3/addons/gdbplugin/localsview.h Examining data/kate-20.08.3/addons/gdbplugin/plugin_kategdb.cpp Examining data/kate-20.08.3/addons/gdbplugin/ioview.h Examining data/kate-20.08.3/addons/gdbplugin/debugview.h Examining data/kate-20.08.3/addons/gdbplugin/configview.h Examining data/kate-20.08.3/addons/gdbplugin/localsview.cpp Examining data/kate-20.08.3/addons/gdbplugin/advanced_settings.cpp Examining data/kate-20.08.3/addons/gdbplugin/debugview.cpp Examining data/kate-20.08.3/addons/gdbplugin/advanced_settings.h Examining data/kate-20.08.3/addons/snippets/editrepository.cpp Examining data/kate-20.08.3/addons/snippets/katesnippetglobal.cpp Examining data/kate-20.08.3/addons/snippets/snippetcompletionmodel.h Examining data/kate-20.08.3/addons/snippets/snippetview.cpp Examining data/kate-20.08.3/addons/snippets/editsnippet.h Examining data/kate-20.08.3/addons/snippets/editrepository.h Examining data/kate-20.08.3/addons/snippets/snippetrepository.h Examining data/kate-20.08.3/addons/snippets/snippet.h Examining data/kate-20.08.3/addons/snippets/snippetrepository.cpp Examining data/kate-20.08.3/addons/snippets/snippetview.h Examining data/kate-20.08.3/addons/snippets/snippetcompletionitem.h Examining data/kate-20.08.3/addons/snippets/katesnippetglobal.h Examining data/kate-20.08.3/addons/snippets/snippet.cpp Examining data/kate-20.08.3/addons/snippets/katesnippets.h Examining data/kate-20.08.3/addons/snippets/editsnippet.cpp Examining data/kate-20.08.3/addons/snippets/katesnippets.cpp Examining data/kate-20.08.3/addons/snippets/snippetcompletionmodel.cpp Examining data/kate-20.08.3/addons/snippets/snippetstore.h Examining data/kate-20.08.3/addons/snippets/snippetcompletionitem.cpp Examining data/kate-20.08.3/addons/snippets/snippetstore.cpp Examining data/kate-20.08.3/addons/textfilter/plugin_katetextfilter.h Examining data/kate-20.08.3/addons/textfilter/plugin_katetextfilter.cpp Examining data/kate-20.08.3/addons/konsole/kateconsole.cpp Examining data/kate-20.08.3/addons/konsole/kateconsole.h Examining data/kate-20.08.3/addons/xmltools/pseudo_dtd.cpp Examining data/kate-20.08.3/addons/xmltools/plugin_katexmltools.h Examining data/kate-20.08.3/addons/xmltools/pseudo_dtd.h Examining data/kate-20.08.3/addons/xmltools/plugin_katexmltools.cpp Examining data/kate-20.08.3/addons/kate-ctags/ctagskinds.cpp Examining data/kate-20.08.3/addons/kate-ctags/kate_ctags_view.cpp Examining data/kate-20.08.3/addons/kate-ctags/kate_ctags_plugin.cpp Examining data/kate-20.08.3/addons/kate-ctags/tags.h Examining data/kate-20.08.3/addons/kate-ctags/kate_ctags_view.h Examining data/kate-20.08.3/addons/kate-ctags/kate_ctags_plugin.h Examining data/kate-20.08.3/addons/kate-ctags/tags.cpp Examining data/kate-20.08.3/addons/kate-ctags/readtags.h Examining data/kate-20.08.3/addons/kate-ctags/readtags.c Examining data/kate-20.08.3/addons/kate-ctags/ctagskinds.h Examining data/kate-20.08.3/addons/close-except-like/close_confirm_dialog.cpp Examining data/kate-20.08.3/addons/close-except-like/close_confirm_dialog.h Examining data/kate-20.08.3/addons/close-except-like/close_except_plugin.cpp Examining data/kate-20.08.3/addons/close-except-like/close_except_plugin.h Examining data/kate-20.08.3/addons/katebuild-plugin/targets.cpp Examining data/kate-20.08.3/addons/katebuild-plugin/targets.h Examining data/kate-20.08.3/addons/katebuild-plugin/TargetModel.h Examining data/kate-20.08.3/addons/katebuild-plugin/test/main.c Examining data/kate-20.08.3/addons/katebuild-plugin/test/subdir/enter_exit_subdir.c Examining data/kate-20.08.3/addons/katebuild-plugin/test/subdir/enter_exit_subdir.h Examining data/kate-20.08.3/addons/katebuild-plugin/test/incl_from.c Examining data/kate-20.08.3/addons/katebuild-plugin/test/incl_from.h Examining data/kate-20.08.3/addons/katebuild-plugin/test/incl_from_from.h Examining data/kate-20.08.3/addons/katebuild-plugin/TargetHtmlDelegate.cpp Examining data/kate-20.08.3/addons/katebuild-plugin/SelectTargetView.cpp Examining data/kate-20.08.3/addons/katebuild-plugin/plugin_katebuild.cpp Examining data/kate-20.08.3/addons/katebuild-plugin/UrlInserter.h Examining data/kate-20.08.3/addons/katebuild-plugin/TargetModel.cpp Examining data/kate-20.08.3/addons/katebuild-plugin/TargetHtmlDelegate.h Examining data/kate-20.08.3/addons/katebuild-plugin/plugin_katebuild.h Examining data/kate-20.08.3/addons/katebuild-plugin/SelectTargetView.h Examining data/kate-20.08.3/addons/katebuild-plugin/UrlInserter.cpp Examining data/kate-20.08.3/addons/replicode/replicodeconfigpage.h Examining data/kate-20.08.3/addons/replicode/replicodeconfig.h Examining data/kate-20.08.3/addons/replicode/replicodeconfigpage.cpp Examining data/kate-20.08.3/addons/replicode/replicodesettings.h Examining data/kate-20.08.3/addons/replicode/replicodeconfig.cpp Examining data/kate-20.08.3/addons/replicode/replicodeview.cpp Examining data/kate-20.08.3/addons/replicode/replicodeplugin.cpp Examining data/kate-20.08.3/addons/replicode/replicodeview.h Examining data/kate-20.08.3/addons/replicode/replicodesettings.cpp Examining data/kate-20.08.3/addons/replicode/replicodeplugin.h Examining data/kate-20.08.3/addons/filebrowser/katebookmarkhandler.cpp Examining data/kate-20.08.3/addons/filebrowser/katefilebrowserconfig.cpp Examining data/kate-20.08.3/addons/filebrowser/katefilebrowserplugin.h Examining data/kate-20.08.3/addons/filebrowser/katebookmarkhandler.h Examining data/kate-20.08.3/addons/filebrowser/katefilebrowser.h Examining data/kate-20.08.3/addons/filebrowser/katefilebrowser.cpp Examining data/kate-20.08.3/addons/filebrowser/katefilebrowserplugin.cpp Examining data/kate-20.08.3/addons/filebrowser/katefilebrowserconfig.h Examining data/kate-20.08.3/kwrite/kwriteapplication.h Examining data/kate-20.08.3/kwrite/main.cpp Examining data/kate-20.08.3/kwrite/kwrite.h Examining data/kate-20.08.3/kwrite/kwrite.cpp Examining data/kate-20.08.3/kwrite/kwriteapplication.cpp Examining data/kate-20.08.3/urlinfo.h FINAL RESULTS: data/kate-20.08.3/addons/kate-ctags/readtags.c:371:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (result, str); data/kate-20.08.3/addons/kate-ctags/readtags.c:890:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf (stderr, Usage, ProgramName); data/kate-20.08.3/addons/kate-ctags/readtags.c:923:8: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf (stderr, Usage, ProgramName); data/kate-20.08.3/addons/kate-ctags/readtags.c:936:8: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf (stderr, Usage, ProgramName); data/kate-20.08.3/addons/project/ctags/readtags.c:349:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(result, str); data/kate-20.08.3/addons/project/ctags/readtags.c:850:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, Usage, ProgramName); data/kate-20.08.3/addons/project/ctags/readtags.c:874:25: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, Usage, ProgramName); data/kate-20.08.3/addons/project/ctags/readtags.c:886:25: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, Usage, ProgramName); data/kate-20.08.3/addons/symbolviewer/testfile.c:53:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(QLatin1String("Damn !!! Better going to bed :((")); data/kate-20.08.3/addons/backtracebrowser/btdatabase.cpp:29:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QIODevice::ReadOnly)) { data/kate-20.08.3/addons/backtracebrowser/btdatabase.cpp:40:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QIODevice::WriteOnly)) { data/kate-20.08.3/addons/backtracebrowser/katebacktracebrowser.cpp:164:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (f.open(QIODevice::ReadOnly | QIODevice::Text)) { data/kate-20.08.3/addons/filetree/autotests/filetree_model_test.cpp:125:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(val1, a.constData(), a.size() + 1); data/kate-20.08.3/addons/filetree/autotests/filetree_model_test.cpp:126:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(val2, b.constData(), b.size() + 1); data/kate-20.08.3/addons/gdbplugin/ioview.cpp:97:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!m_stdin.open(QIODevice::ReadWrite)) data/kate-20.08.3/addons/gdbplugin/ioview.cpp:101:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_stdoutD.open(QIODevice::ReadWrite); data/kate-20.08.3/addons/gdbplugin/ioview.cpp:104:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_stdoutFD = ::open(m_stdoutFifo.toLocal8Bit().data(), O_RDWR | O_NONBLOCK); data/kate-20.08.3/addons/gdbplugin/ioview.cpp:107:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!m_stdout.open(m_stdoutFD, QIODevice::ReadWrite)) data/kate-20.08.3/addons/gdbplugin/ioview.cpp:115:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_stderrD.open(QIODevice::ReadWrite); data/kate-20.08.3/addons/gdbplugin/ioview.cpp:118:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_stderrFD = ::open(m_stderrFifo.toLocal8Bit().data(), O_RDONLY | O_NONBLOCK); data/kate-20.08.3/addons/gdbplugin/ioview.cpp:121:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!m_stderr.open(m_stderrFD, QIODevice::ReadOnly)) data/kate-20.08.3/addons/gdbplugin/ioview.cpp:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chData[256]; data/kate-20.08.3/addons/gdbplugin/ioview.cpp:166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chData[256]; data/kate-20.08.3/addons/kate-ctags/readtags.c:278:35: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entry->address.lineNumber = atol (value); data/kate-20.08.3/addons/kate-ctags/readtags.c:336:31: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entry->address.lineNumber = atol (p); data/kate-20.08.3/addons/kate-ctags/readtags.c:404:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). file->sortMethod = (sortType) atoi (value); data/kate-20.08.3/addons/kate-ctags/readtags.c:406:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). file->format = atoi (value); data/kate-20.08.3/addons/kate-ctags/readtags.c:456:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result->fp = fopen (filePath, "r"); data/kate-20.08.3/addons/katesql/dataoutputwidget.cpp:260:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (data.open(QFile::WriteOnly | QFile::Truncate)) { data/kate-20.08.3/addons/katesql/sqlmanager.cpp:78:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (db.open()) data/kate-20.08.3/addons/katesql/sqlmanager.cpp:111:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!db.open()) { data/kate-20.08.3/addons/katesql/sqlmanager.cpp:146:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!db.open()) { data/kate-20.08.3/addons/lspclient/lspclientconfigpage.cpp:68:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). defaultConfigFile.open(QIODevice::ReadOnly); data/kate-20.08.3/addons/lspclient/lspclientconfigpage.cpp:170:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). configFile.open(QIODevice::WriteOnly); data/kate-20.08.3/addons/lspclient/lspclientconfigpage.cpp:216:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). configFile.open(QIODevice::ReadOnly); data/kate-20.08.3/addons/lspclient/lspclientpluginview.cpp:181:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file.open(QIODevice::ReadOnly); data/kate-20.08.3/addons/lspclient/lspclientservermanager.cpp:213:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open : 1; data/kate-20.08.3/addons/lspclient/lspclientservermanager.cpp:612:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). defaultConfigFile.open(QIODevice::ReadOnly); data/kate-20.08.3/addons/lspclient/lspclientservermanager.cpp:620:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (f.open(QIODevice::ReadOnly)) { data/kate-20.08.3/addons/lspclient/lspclientservermanager.cpp:684:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (it->open) { data/kate-20.08.3/addons/lspclient/lspclientservermanager.cpp:725:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (it->open) { data/kate-20.08.3/addons/lspclient/tests/lsptestapp.cpp:60:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::ReadOnly | QIODevice::Text)) data/kate-20.08.3/addons/preview/kpartview.cpp:201:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_bufferFile->open(); data/kate-20.08.3/addons/project/ctags/readtags.c:265:49: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entry->address.lineNumber = atol(value); data/kate-20.08.3/addons/project/ctags/readtags.c:316:45: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entry->address.lineNumber = atol(p); data/kate-20.08.3/addons/project/ctags/readtags.c:381:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). file->sortMethod = (sortType) atoi(value); data/kate-20.08.3/addons/project/ctags/readtags.c:383:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). file->format = atoi(value); data/kate-20.08.3/addons/project/ctags/readtags.c:433:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result->fp = fopen(filePath, "r"); data/kate-20.08.3/addons/project/kateproject.cpp:93:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::ReadOnly)) { data/kate-20.08.3/addons/project/kateproject.cpp:269:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (inFile.open(QIODevice::ReadOnly)) { data/kate-20.08.3/addons/project/kateproject.cpp:313:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (outFile.open(QIODevice::WriteOnly | QIODevice::Truncate)) { data/kate-20.08.3/addons/project/kateprojectindex.cpp:80:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!m_ctagsIndexFile->open(QIODevice::ReadWrite)) { data/kate-20.08.3/addons/project/kateprojectindex.cpp:126:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!m_ctagsIndexFile->open(QIODevice::ReadOnly)) { data/kate-20.08.3/addons/project/kateprojectplugin.cpp:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tty[L_ctermid + 1] = {0}; data/kate-20.08.3/addons/project/kateprojectplugin.cpp:92:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = ::open(tty, O_RDONLY); data/kate-20.08.3/addons/search/SearchDiskFiles.cpp:100:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::ReadOnly)) { data/kate-20.08.3/addons/search/SearchDiskFiles.cpp:144:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::ReadOnly)) { data/kate-20.08.3/addons/snippets/snippetrepository.cpp:249:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!outfile.open(QIODevice::WriteOnly)) { data/kate-20.08.3/addons/snippets/snippetrepository.cpp:284:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!f.open(QIODevice::ReadOnly)) { data/kate-20.08.3/addons/xmlcheck/plugin_katexmlcheck.cpp:292:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!m_tmp_file->open()) { data/kate-20.08.3/kate/autotests/session_test.cpp:44:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QVERIFY(m_tmpfile->open()); data/kate-20.08.3/kate/autotests/session_test.cpp:78:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). newFile.open(); data/kate-20.08.3/kate/autotests/session_test.cpp:100:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). newFile.open(); data/kate-20.08.3/kate/autotests/session_test.cpp:131:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file2.open(); data/kate-20.08.3/kate/katemwmodonhddialog.cpp:266:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_diffFile->open(); data/kate-20.08.3/kate/qtsingleapplication/qtlocalpeer.cpp:82:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lockFile.open(QIODevice::ReadWrite); data/kate-20.08.3/kate/qtsingleapplication/qtsingleapplication.cpp:77:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lockfile.open(QtLockedFile::ReadWrite); data/kate-20.08.3/kate/qtsingleapplication/qtsingleapplication.cpp:103:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lockfile.open(QtLockedFile::ReadWrite); data/kate-20.08.3/kate/session/katesessionmanagedialog.cpp:53:54: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). KGuiItem::assign(m_openButton, KStandardGuiItem::open()); data/kate-20.08.3/kate/session/katesessionmanager.cpp:369:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (fileToSync.open(QIODevice::ReadOnly)) { data/kate-20.08.3/addons/gdbplugin/ioview.cpp:147:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). res = m_stdout.read(chData, 255); data/kate-20.08.3/addons/gdbplugin/ioview.cpp:170:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). res = m_stderr.read(chData, 255); data/kate-20.08.3/addons/kate-ctags/readtags.c:166:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (file->line.buffer); data/kate-20.08.3/addons/kate-ctags/readtags.c:169:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (file->name.buffer, file->line.buffer, length); data/kate-20.08.3/addons/kate-ctags/readtags.c:209:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t i = strlen (file->line.buffer); data/kate-20.08.3/addons/kate-ctags/readtags.c:367:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = (char*) malloc (strlen (str) + 1); data/kate-20.08.3/addons/kate-ctags/readtags.c:379:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t prefixLength = strlen (PseudoTagPrefix); data/kate-20.08.3/addons/kate-ctags/readtags.c:432:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t prefixLength = strlen (PseudoTagPrefix); data/kate-20.08.3/addons/kate-ctags/readtags.c:658:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). file->search.nameLength = strlen (name); data/kate-20.08.3/addons/kate-ctags/readtags.c:917:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen (TagFileName); data/kate-20.08.3/addons/lspclient/lspclientserver.cpp:786:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). QObject::connect(&m_sproc, &QProcess::readyRead, utils::mem_fun(&self_type::read, this)); data/kate-20.08.3/addons/lspclient/lspclientserver.cpp:881:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read() data/kate-20.08.3/addons/project/ctags/readtags.c:159:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(file->line.buffer); data/kate-20.08.3/addons/project/ctags/readtags.c:164:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(file->name.buffer, file->line.buffer, length); data/kate-20.08.3/addons/project/ctags/readtags.c:199:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t i = strlen(file->line.buffer); data/kate-20.08.3/addons/project/ctags/readtags.c:345:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = (char *) malloc(strlen(str) + 1); data/kate-20.08.3/addons/project/ctags/readtags.c:358:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t prefixLength = strlen(PseudoTagPrefix); data/kate-20.08.3/addons/project/ctags/readtags.c:409:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t prefixLength = strlen(PseudoTagPrefix); data/kate-20.08.3/addons/project/ctags/readtags.c:626:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). file->search.nameLength = strlen(name); data/kate-20.08.3/addons/project/ctags/readtags.c:870:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(TagFileName); data/kate-20.08.3/kate/qtsingleapplication/qtlocalpeer.cpp:131:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). res &= (socket.read(qstrlen(ack)) == ack); ANALYSIS SUMMARY: Hits = 91 Lines analyzed = 71549 in approximately 1.95 seconds (36671 lines/second) Physical Source Lines of Code (SLOC) = 46039 Hits@level = [0] 32 [1] 21 [2] 61 [3] 0 [4] 9 [5] 0 Hits@level+ = [0+] 123 [1+] 91 [2+] 70 [3+] 9 [4+] 9 [5+] 0 Hits/KSLOC@level+ = [0+] 2.67165 [1+] 1.97659 [2+] 1.52045 [3+] 0.195486 [4+] 0.195486 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.