Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/khelpcenter-20.04.2/fontdialog.h
Examining data/khelpcenter-20.04.2/navigatoritem.h
Examining data/khelpcenter-20.04.2/treebuilder.h
Examining data/khelpcenter-20.04.2/scrollkeepertreebuilder.cpp
Examining data/khelpcenter-20.04.2/navigatorappgroupitem.cpp
Examining data/khelpcenter-20.04.2/plugintraverser.cpp
Examining data/khelpcenter-20.04.2/view.h
Examining data/khelpcenter-20.04.2/mainwindow.h
Examining data/khelpcenter-20.04.2/searchwidget.h
Examining data/khelpcenter-20.04.2/searchhandler.h
Examining data/khelpcenter-20.04.2/docentry.h
Examining data/khelpcenter-20.04.2/view.cpp
Examining data/khelpcenter-20.04.2/tests/testmetainfo.cpp
Examining data/khelpcenter-20.04.2/scrollkeepertreebuilder.h
Examining data/khelpcenter-20.04.2/application.cpp
Examining data/khelpcenter-20.04.2/history.h
Examining data/khelpcenter-20.04.2/navigatoritem.cpp
Examining data/khelpcenter-20.04.2/navigator.h
Examining data/khelpcenter-20.04.2/glossary.cpp
Examining data/khelpcenter-20.04.2/mainwindow.cpp
Examining data/khelpcenter-20.04.2/docentrytraverser.h
Examining data/khelpcenter-20.04.2/navigatorappitem.cpp
Examining data/khelpcenter-20.04.2/infotree.cpp
Examining data/khelpcenter-20.04.2/plugintraverser.h
Examining data/khelpcenter-20.04.2/docentrytraverser.cpp
Examining data/khelpcenter-20.04.2/bookmarkowner.cpp
Examining data/khelpcenter-20.04.2/navigator.cpp
Examining data/khelpcenter-20.04.2/searchhandlers/xapiansearch.cpp
Examining data/khelpcenter-20.04.2/searchhandlers/htmltextdump.h
Examining data/khelpcenter-20.04.2/searchhandlers/cachereader.h
Examining data/khelpcenter-20.04.2/searchhandlers/xapiancommon.cpp
Examining data/khelpcenter-20.04.2/searchhandlers/htmltextdump.cpp
Examining data/khelpcenter-20.04.2/searchhandlers/xapianindexer.cpp
Examining data/khelpcenter-20.04.2/searchhandlers/cachereader.cpp
Examining data/khelpcenter-20.04.2/searchhandlers/xapiancommon.h
Examining data/khelpcenter-20.04.2/searchengine.cpp
Examining data/khelpcenter-20.04.2/infotree.h
Examining data/khelpcenter-20.04.2/docmetainfo.cpp
Examining data/khelpcenter-20.04.2/searchwidget.cpp
Examining data/khelpcenter-20.04.2/navigatorappitem.h
Examining data/khelpcenter-20.04.2/glossary.h
Examining data/khelpcenter-20.04.2/application.h
Examining data/khelpcenter-20.04.2/grantleeformatter.cpp
Examining data/khelpcenter-20.04.2/navigatorappgroupitem.h
Examining data/khelpcenter-20.04.2/treebuilder.cpp
Examining data/khelpcenter-20.04.2/searchhandler.cpp
Examining data/khelpcenter-20.04.2/scopeitem.h
Examining data/khelpcenter-20.04.2/grantleeformatter.h
Examining data/khelpcenter-20.04.2/fontdialog.cpp
Examining data/khelpcenter-20.04.2/docentry.cpp
Examining data/khelpcenter-20.04.2/docmetainfo.h
Examining data/khelpcenter-20.04.2/searchengine.h
Examining data/khelpcenter-20.04.2/toc.cpp
Examining data/khelpcenter-20.04.2/toc.h
Examining data/khelpcenter-20.04.2/history.cpp
Examining data/khelpcenter-20.04.2/bookmarkowner.h
FINAL RESULTS:
data/khelpcenter-20.04.2/glossary.cpp:205:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !cacheFile.open( QIODevice::ReadOnly ) )
data/khelpcenter-20.04.2/infotree.cpp:42:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void itemExpanded( bool open ) override;
data/khelpcenter-20.04.2/infotree.cpp:60:43: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void InfoCategoryItem::itemExpanded( bool open )
data/khelpcenter-20.04.2/infotree.cpp:62:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
NavigatorItem::itemExpanded( open );
data/khelpcenter-20.04.2/infotree.cpp:64:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( open && childCount() > 0 ) setIcon( 0, QIcon::fromTheme( QStringLiteral("help-contents") ) );
data/khelpcenter-20.04.2/infotree.cpp:117:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !infoDirFile.open( QIODevice::ReadOnly ) )
data/khelpcenter-20.04.2/navigatorappgroupitem.cpp:70:47: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void NavigatorAppGroupItem::itemExpanded(bool open)
data/khelpcenter-20.04.2/navigatorappgroupitem.cpp:74:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( open && (childCount() == 0) && !mPopulated )
data/khelpcenter-20.04.2/navigatorappgroupitem.cpp:79:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
NavigatorItem::itemExpanded(open);
data/khelpcenter-20.04.2/navigatorappitem.cpp:80:43: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void NavigatorAppItem::itemExpanded( bool open )
data/khelpcenter-20.04.2/navigatorappitem.cpp:82:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( open ) {
data/khelpcenter-20.04.2/navigatorappitem.h:42:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void itemExpanded( bool open ) override;
data/khelpcenter-20.04.2/navigatoritem.cpp:85:40: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void NavigatorItem::itemExpanded( bool open )
data/khelpcenter-20.04.2/navigatoritem.cpp:87:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Q_UNUSED( open );
data/khelpcenter-20.04.2/navigatoritem.h:48:37: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void itemExpanded( bool open );
data/khelpcenter-20.04.2/scrollkeepertreebuilder.cpp:87:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !f.open( QIODevice::ReadOnly ) )
data/khelpcenter-20.04.2/searchhandlers/cachereader.cpp:41:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !dev.open( QIODevice::ReadOnly ) ) {
data/khelpcenter-20.04.2/toc.cpp:129:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !f.open( QIODevice::ReadOnly ) )
data/khelpcenter-20.04.2/toc.cpp:185:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !f.open( QIODevice::ReadWrite ) )
data/khelpcenter-20.04.2/toc.cpp:217:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !f.open( QIODevice::ReadOnly ) )
data/khelpcenter-20.04.2/view.cpp:72:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (css_file.open(QIODevice::ReadOnly))
ANALYSIS SUMMARY:
Hits = 21
Lines analyzed = 8846 in approximately 0.29 seconds (30340 lines/second)
Physical Source Lines of Code (SLOC) = 5902
Hits@level = [0] 0 [1] 0 [2] 21 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 21 [1+] 21 [2+] 21 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 3.55812 [1+] 3.55812 [2+] 3.55812 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.