Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/kparts-5.74.0/autotests/parttest.h Examining data/kparts-5.74.0/autotests/notepad.h Examining data/kparts-5.74.0/autotests/parttest.cpp Examining data/kparts-5.74.0/autotests/openorsavequestion_unittest.cpp Examining data/kparts-5.74.0/autotests/notepad.cpp Examining data/kparts-5.74.0/autotests/partloadertest.cpp Examining data/kparts-5.74.0/tests/partviewer.cpp Examining data/kparts-5.74.0/tests/plugin_spellcheck.cpp Examining data/kparts-5.74.0/tests/normalktm.h Examining data/kparts-5.74.0/tests/parts.h Examining data/kparts-5.74.0/tests/partviewer.h Examining data/kparts-5.74.0/tests/terminal_test.cpp Examining data/kparts-5.74.0/tests/testmainwindow.cpp Examining data/kparts-5.74.0/tests/testmainwindow.h Examining data/kparts-5.74.0/tests/normalktm.cpp Examining data/kparts-5.74.0/tests/plugin_spellcheck.h Examining data/kparts-5.74.0/tests/openorsavequestion.cpp Examining data/kparts-5.74.0/tests/parts.cpp Examining data/kparts-5.74.0/templates/kpartsapp/src/shell/main.cpp Examining data/kparts-5.74.0/templates/kpartsapp/src/shell/%{APPNAMELC}shell.cpp Examining data/kparts-5.74.0/templates/kpartsapp/src/shell/%{APPNAMELC}shell.h Examining data/kparts-5.74.0/templates/kpartsapp/src/part/%{APPNAMELC}part.h Examining data/kparts-5.74.0/templates/kpartsapp/src/part/%{APPNAMELC}part.cpp Examining data/kparts-5.74.0/src/readwritepart.cpp Examining data/kparts-5.74.0/src/scriptableextension.cpp Examining data/kparts-5.74.0/src/liveconnectextension.h Examining data/kparts-5.74.0/src/part.cpp Examining data/kparts-5.74.0/src/readwritepart.h Examining data/kparts-5.74.0/src/browserrun.h Examining data/kparts-5.74.0/src/mainwindow.h Examining data/kparts-5.74.0/src/openurlevent.cpp Examining data/kparts-5.74.0/src/openurlarguments.h Examining data/kparts-5.74.0/src/listingfilterextension.h Examining data/kparts-5.74.0/src/listingfilterextension.cpp Examining data/kparts-5.74.0/src/htmlsettingsinterface.cpp Examining data/kparts-5.74.0/src/fileinfoextension.h Examining data/kparts-5.74.0/src/partselectevent.cpp Examining data/kparts-5.74.0/src/htmlextension.h Examining data/kparts-5.74.0/src/scriptableextension.h Examining data/kparts-5.74.0/src/listingnotificationextension.cpp Examining data/kparts-5.74.0/src/selectorinterface.h Examining data/kparts-5.74.0/src/partactivateevent.cpp Examining data/kparts-5.74.0/src/event.cpp Examining data/kparts-5.74.0/src/plugin.cpp Examining data/kparts-5.74.0/src/browserextension.cpp Examining data/kparts-5.74.0/src/partactivateevent.h Examining data/kparts-5.74.0/src/historyprovider.h Examining data/kparts-5.74.0/src/mainwindow.cpp Examining data/kparts-5.74.0/src/readonlypart.cpp Examining data/kparts-5.74.0/src/browserarguments.cpp Examining data/kparts-5.74.0/src/selectorinterface.cpp Examining data/kparts-5.74.0/src/partbase_p.h Examining data/kparts-5.74.0/src/readwritepart_p.h Examining data/kparts-5.74.0/src/partloader.cpp Examining data/kparts-5.74.0/src/listingnotificationextension.h Examining data/kparts-5.74.0/src/liveconnectextension.cpp Examining data/kparts-5.74.0/src/part_p.h Examining data/kparts-5.74.0/src/textextension.h Examining data/kparts-5.74.0/src/browserarguments.h Examining data/kparts-5.74.0/src/browserextension.h Examining data/kparts-5.74.0/src/browseropenorsavequestion.h Examining data/kparts-5.74.0/src/readonlypart.h Examining data/kparts-5.74.0/src/browserhostextension.cpp Examining data/kparts-5.74.0/src/readonlypart_p.h Examining data/kparts-5.74.0/src/statusbarextension.h Examining data/kparts-5.74.0/src/part.h Examining data/kparts-5.74.0/src/partselectevent.h Examining data/kparts-5.74.0/src/guiactivateevent.h Examining data/kparts-5.74.0/src/openurlevent.h Examining data/kparts-5.74.0/src/scriptableextension_p.h Examining data/kparts-5.74.0/src/partbase.cpp Examining data/kparts-5.74.0/src/partmanager.cpp Examining data/kparts-5.74.0/src/windowargs.h Examining data/kparts-5.74.0/src/htmlextension.cpp Examining data/kparts-5.74.0/src/partmanager.h Examining data/kparts-5.74.0/src/htmlsettingsinterface.h Examining data/kparts-5.74.0/src/kde_terminal_interface.h Examining data/kparts-5.74.0/src/historyprovider.cpp Examining data/kparts-5.74.0/src/browserinterface.h Examining data/kparts-5.74.0/src/partbase.h Examining data/kparts-5.74.0/src/event.h Examining data/kparts-5.74.0/src/guiactivateevent.cpp Examining data/kparts-5.74.0/src/partloader.h Examining data/kparts-5.74.0/src/openurlarguments.cpp Examining data/kparts-5.74.0/src/browserrun.cpp Examining data/kparts-5.74.0/src/plugin.h Examining data/kparts-5.74.0/src/fileinfoextension.cpp Examining data/kparts-5.74.0/src/textextension.cpp Examining data/kparts-5.74.0/src/windowargs.cpp Examining data/kparts-5.74.0/src/statusbarextension.cpp Examining data/kparts-5.74.0/src/browserhostextension.h Examining data/kparts-5.74.0/src/browseropenorsavequestion.cpp Examining data/kparts-5.74.0/src/browserinterface.cpp FINAL RESULTS: data/kparts-5.74.0/autotests/notepad.cpp:78:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (f.open(QIODevice::ReadOnly)) { data/kparts-5.74.0/autotests/notepad.cpp:97:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (f.open(QIODevice::WriteOnly)) { data/kparts-5.74.0/autotests/partloadertest.cpp:37:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QVERIFY(mimeAppsFile.open(QIODevice::WriteOnly)); data/kparts-5.74.0/src/browserrun.cpp:299:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tempFile.open(); data/kparts-5.74.0/src/readonlypart.cpp:201:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tempFile.open(); data/kparts-5.74.0/src/readwritepart.cpp:203:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tempFile.open(); data/kparts-5.74.0/src/readwritepart.cpp:241:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tempFile->open(); data/kparts-5.74.0/templates/kpartsapp/src/part/%{APPNAMELC}part.cpp:94:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::ReadOnly | QIODevice::Text)) { data/kparts-5.74.0/templates/kpartsapp/src/part/%{APPNAMELC}part.cpp:120:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::WriteOnly | QIODevice::Truncate)) { data/kparts-5.74.0/templates/kpartsapp/src/shell/%{APPNAMELC}shell.cpp:68:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). KStandardAction::open(this, &%{APPNAME}Shell::fileOpen, actionCollection()); data/kparts-5.74.0/tests/parts.cpp:75:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (f.open(QIODevice::ReadOnly)) { ANALYSIS SUMMARY: Hits = 11 Lines analyzed = 12616 in approximately 0.44 seconds (28361 lines/second) Physical Source Lines of Code (SLOC) = 7073 Hits@level = [0] 0 [1] 0 [2] 11 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 11 [1+] 11 [2+] 11 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 1.55521 [1+] 1.55521 [2+] 1.55521 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.