Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/khelpcenter-20.04.2/fontdialog.h Examining data/khelpcenter-20.04.2/navigatoritem.h Examining data/khelpcenter-20.04.2/treebuilder.h Examining data/khelpcenter-20.04.2/scrollkeepertreebuilder.cpp Examining data/khelpcenter-20.04.2/navigatorappgroupitem.cpp Examining data/khelpcenter-20.04.2/plugintraverser.cpp Examining data/khelpcenter-20.04.2/view.h Examining data/khelpcenter-20.04.2/mainwindow.h Examining data/khelpcenter-20.04.2/searchwidget.h Examining data/khelpcenter-20.04.2/searchhandler.h Examining data/khelpcenter-20.04.2/docentry.h Examining data/khelpcenter-20.04.2/view.cpp Examining data/khelpcenter-20.04.2/tests/testmetainfo.cpp Examining data/khelpcenter-20.04.2/scrollkeepertreebuilder.h Examining data/khelpcenter-20.04.2/application.cpp Examining data/khelpcenter-20.04.2/history.h Examining data/khelpcenter-20.04.2/navigatoritem.cpp Examining data/khelpcenter-20.04.2/navigator.h Examining data/khelpcenter-20.04.2/glossary.cpp Examining data/khelpcenter-20.04.2/mainwindow.cpp Examining data/khelpcenter-20.04.2/docentrytraverser.h Examining data/khelpcenter-20.04.2/navigatorappitem.cpp Examining data/khelpcenter-20.04.2/infotree.cpp Examining data/khelpcenter-20.04.2/plugintraverser.h Examining data/khelpcenter-20.04.2/docentrytraverser.cpp Examining data/khelpcenter-20.04.2/bookmarkowner.cpp Examining data/khelpcenter-20.04.2/navigator.cpp Examining data/khelpcenter-20.04.2/searchhandlers/xapiansearch.cpp Examining data/khelpcenter-20.04.2/searchhandlers/htmltextdump.h Examining data/khelpcenter-20.04.2/searchhandlers/cachereader.h Examining data/khelpcenter-20.04.2/searchhandlers/xapiancommon.cpp Examining data/khelpcenter-20.04.2/searchhandlers/htmltextdump.cpp Examining data/khelpcenter-20.04.2/searchhandlers/xapianindexer.cpp Examining data/khelpcenter-20.04.2/searchhandlers/cachereader.cpp Examining data/khelpcenter-20.04.2/searchhandlers/xapiancommon.h Examining data/khelpcenter-20.04.2/searchengine.cpp Examining data/khelpcenter-20.04.2/infotree.h Examining data/khelpcenter-20.04.2/docmetainfo.cpp Examining data/khelpcenter-20.04.2/searchwidget.cpp Examining data/khelpcenter-20.04.2/navigatorappitem.h Examining data/khelpcenter-20.04.2/glossary.h Examining data/khelpcenter-20.04.2/application.h Examining data/khelpcenter-20.04.2/grantleeformatter.cpp Examining data/khelpcenter-20.04.2/navigatorappgroupitem.h Examining data/khelpcenter-20.04.2/treebuilder.cpp Examining data/khelpcenter-20.04.2/searchhandler.cpp Examining data/khelpcenter-20.04.2/scopeitem.h Examining data/khelpcenter-20.04.2/grantleeformatter.h Examining data/khelpcenter-20.04.2/fontdialog.cpp Examining data/khelpcenter-20.04.2/docentry.cpp Examining data/khelpcenter-20.04.2/docmetainfo.h Examining data/khelpcenter-20.04.2/searchengine.h Examining data/khelpcenter-20.04.2/toc.cpp Examining data/khelpcenter-20.04.2/toc.h Examining data/khelpcenter-20.04.2/history.cpp Examining data/khelpcenter-20.04.2/bookmarkowner.h FINAL RESULTS: data/khelpcenter-20.04.2/glossary.cpp:205:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !cacheFile.open( QIODevice::ReadOnly ) ) data/khelpcenter-20.04.2/infotree.cpp:42:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void itemExpanded( bool open ) override; data/khelpcenter-20.04.2/infotree.cpp:60:43: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void InfoCategoryItem::itemExpanded( bool open ) data/khelpcenter-20.04.2/infotree.cpp:62:32: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). NavigatorItem::itemExpanded( open ); data/khelpcenter-20.04.2/infotree.cpp:64:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( open && childCount() > 0 ) setIcon( 0, QIcon::fromTheme( QStringLiteral("help-contents") ) ); data/khelpcenter-20.04.2/infotree.cpp:117:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !infoDirFile.open( QIODevice::ReadOnly ) ) data/khelpcenter-20.04.2/navigatorappgroupitem.cpp:70:47: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void NavigatorAppGroupItem::itemExpanded(bool open) data/khelpcenter-20.04.2/navigatorappgroupitem.cpp:74:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( open && (childCount() == 0) && !mPopulated ) data/khelpcenter-20.04.2/navigatorappgroupitem.cpp:79:31: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). NavigatorItem::itemExpanded(open); data/khelpcenter-20.04.2/navigatorappitem.cpp:80:43: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void NavigatorAppItem::itemExpanded( bool open ) data/khelpcenter-20.04.2/navigatorappitem.cpp:82:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( open ) { data/khelpcenter-20.04.2/navigatorappitem.h:42:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void itemExpanded( bool open ) override; data/khelpcenter-20.04.2/navigatoritem.cpp:85:40: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void NavigatorItem::itemExpanded( bool open ) data/khelpcenter-20.04.2/navigatoritem.cpp:87:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Q_UNUSED( open ); data/khelpcenter-20.04.2/navigatoritem.h:48:37: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). virtual void itemExpanded( bool open ); data/khelpcenter-20.04.2/scrollkeepertreebuilder.cpp:87:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !f.open( QIODevice::ReadOnly ) ) data/khelpcenter-20.04.2/searchhandlers/cachereader.cpp:41:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !dev.open( QIODevice::ReadOnly ) ) { data/khelpcenter-20.04.2/toc.cpp:129:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !f.open( QIODevice::ReadOnly ) ) data/khelpcenter-20.04.2/toc.cpp:185:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !f.open( QIODevice::ReadWrite ) ) data/khelpcenter-20.04.2/toc.cpp:217:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !f.open( QIODevice::ReadOnly ) ) data/khelpcenter-20.04.2/view.cpp:72:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (css_file.open(QIODevice::ReadOnly)) ANALYSIS SUMMARY: Hits = 21 Lines analyzed = 8846 in approximately 0.29 seconds (30340 lines/second) Physical Source Lines of Code (SLOC) = 5902 Hits@level = [0] 0 [1] 0 [2] 21 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 21 [1+] 21 [2+] 21 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 3.55812 [1+] 3.55812 [2+] 3.55812 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.