Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kcm-ufw-0.4.3/kcm/stackedwidget.cpp
Examining data/kcm-ufw-0.4.3/kcm/strings.cpp
Examining data/kcm-ufw-0.4.3/kcm/logviewer.h
Examining data/kcm-ufw-0.4.3/kcm/ruledialog.h
Examining data/kcm-ufw-0.4.3/kcm/appprofiles.h
Examining data/kcm-ufw-0.4.3/kcm/kcm.h
Examining data/kcm-ufw-0.4.3/kcm/profile.cpp
Examining data/kcm-ufw-0.4.3/kcm/rule.h
Examining data/kcm-ufw-0.4.3/kcm/strings.h
Examining data/kcm-ufw-0.4.3/kcm/appprofiles.cpp
Examining data/kcm-ufw-0.4.3/kcm/statusbox.cpp
Examining data/kcm-ufw-0.4.3/kcm/blocker.cpp
Examining data/kcm-ufw-0.4.3/kcm/blocker.h
Examining data/kcm-ufw-0.4.3/kcm/logviewer.cpp
Examining data/kcm-ufw-0.4.3/kcm/types.h
Examining data/kcm-ufw-0.4.3/kcm/ruledialog.cpp
Examining data/kcm-ufw-0.4.3/kcm/lineedit.cpp
Examining data/kcm-ufw-0.4.3/kcm/stackedwidget.h
Examining data/kcm-ufw-0.4.3/kcm/combobox.cpp
Examining data/kcm-ufw-0.4.3/kcm/lineedit.h
Examining data/kcm-ufw-0.4.3/kcm/types.cpp
Examining data/kcm-ufw-0.4.3/kcm/statusbox.h
Examining data/kcm-ufw-0.4.3/kcm/ruleslist.h
Examining data/kcm-ufw-0.4.3/kcm/combobox.h
Examining data/kcm-ufw-0.4.3/kcm/profile.h
Examining data/kcm-ufw-0.4.3/kcm/ruleslist.cpp
Examining data/kcm-ufw-0.4.3/kcm/kcm.cpp
Examining data/kcm-ufw-0.4.3/kcm/rule.cpp
Examining data/kcm-ufw-0.4.3/helper/helper.cpp
Examining data/kcm-ufw-0.4.3/helper/helper.h

FINAL RESULTS:

data/kcm-ufw-0.4.3/helper/helper.cpp:51:7:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  ::chmod(QFile::encodeName(f).constData(), perms);
data/kcm-ufw-0.4.3/helper/helper.cpp:80:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (f.open(QIODevice::ReadOnly)) {
data/kcm-ufw-0.4.3/helper/helper.cpp:99:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if(file.open(QIODevice::ReadOnly|QIODevice::Text))
data/kcm-ufw-0.4.3/helper/helper.cpp:240:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if(f.open(QIODevice::WriteOnly))
data/kcm-ufw-0.4.3/kcm/kcm.cpp:710:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if(tempFile.open())
data/kcm-ufw-0.4.3/kcm/profile.cpp:62:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if(file.open(QIODevice::ReadOnly))
data/kcm-ufw-0.4.3/kcm/rule.cpp:49:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char num[16];
data/kcm-ufw-0.4.3/kcm/rule.cpp:53:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char conv[41];
data/kcm-ufw-0.4.3/kcm/ruledialog.cpp:368:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char dest[16];
data/kcm-ufw-0.4.3/helper/helper.cpp:50:20:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  mode_t oldMask(umask(0000));
data/kcm-ufw-0.4.3/helper/helper.cpp:53:7:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  ::umask(oldMask);

ANALYSIS SUMMARY:

Hits = 11
Lines analyzed = 5583 in approximately 0.55 seconds (10190 lines/second)
Physical Source Lines of Code (SLOC) = 4060
Hits@level = [0]   0 [1]   2 [2]   8 [3]   0 [4]   0 [5]   1
Hits@level+ = [0+]  11 [1+]  11 [2+]   9 [3+]   1 [4+]   1 [5+]   1
Hits/KSLOC@level+ = [0+] 2.70936 [1+] 2.70936 [2+] 2.21675 [3+] 0.246305 [4+] 0.246305 [5+] 0.246305
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.