Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kshutdown-4.2/src/bookmarks.h
Examining data/kshutdown-4.2/src/udialog.cpp
Examining data/kshutdown-4.2/src/progressbar.cpp
Examining data/kshutdown-4.2/src/pureqt.h
Examining data/kshutdown-4.2/src/kshutdown.h
Examining data/kshutdown-4.2/src/main.cpp
Examining data/kshutdown-4.2/src/config.h
Examining data/kshutdown-4.2/src/preferences.h
Examining data/kshutdown-4.2/src/password.h
Examining data/kshutdown-4.2/src/usystemtray.h
Examining data/kshutdown-4.2/src/udialog.h
Examining data/kshutdown-4.2/src/commandline.cpp
Examining data/kshutdown-4.2/src/stats.h
Examining data/kshutdown-4.2/src/actions/extras.cpp
Examining data/kshutdown-4.2/src/actions/lock.cpp
Examining data/kshutdown-4.2/src/actions/extras.h
Examining data/kshutdown-4.2/src/actions/lock.h
Examining data/kshutdown-4.2/src/actions/test.cpp
Examining data/kshutdown-4.2/src/actions/bootentry.h
Examining data/kshutdown-4.2/src/actions/bootentry.cpp
Examining data/kshutdown-4.2/src/actions/test.h
Examining data/kshutdown-4.2/src/version.h
Examining data/kshutdown-4.2/src/log.h
Examining data/kshutdown-4.2/src/log.cpp
Examining data/kshutdown-4.2/src/commandline.h
Examining data/kshutdown-4.2/src/usystemtray.cpp
Examining data/kshutdown-4.2/src/infowidget.h
Examining data/kshutdown-4.2/src/utils.cpp
Examining data/kshutdown-4.2/src/triggers/idlemonitor.h
Examining data/kshutdown-4.2/src/triggers/processmonitor.h
Examining data/kshutdown-4.2/src/triggers/idlemonitor.cpp
Examining data/kshutdown-4.2/src/triggers/processmonitor.cpp
Examining data/kshutdown-4.2/src/mainwindow.h
Examining data/kshutdown-4.2/src/mod.h
Examining data/kshutdown-4.2/src/bookmarks.cpp
Examining data/kshutdown-4.2/src/stats.cpp
Examining data/kshutdown-4.2/src/kshutdown.cpp
Examining data/kshutdown-4.2/src/preferences.cpp
Examining data/kshutdown-4.2/src/infowidget.cpp
Examining data/kshutdown-4.2/src/password.cpp
Examining data/kshutdown-4.2/src/mainwindow.cpp
Examining data/kshutdown-4.2/src/utils.h
Examining data/kshutdown-4.2/src/config.cpp
Examining data/kshutdown-4.2/src/progressbar.h
Examining data/kshutdown-4.2/src/mod.cpp

FINAL RESULTS:

data/kshutdown-4.2/src/kshutdown.cpp:478:32:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	QString timeFormat = QLocale::system()
data/kshutdown-4.2/src/main.cpp:190:26:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	QString lang = QLocale::system().name();
data/kshutdown-4.2/src/actions/bootentry.cpp:51:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (grubConfigFile.open(QFile::ReadOnly)) {
data/kshutdown-4.2/src/actions/extras.cpp:152:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		setStringOption(config->read("Command", "").toString());
data/kshutdown-4.2/src/actions/extras.cpp:399:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	bool showInfo = config->read("Show Info", true).toBool();
data/kshutdown-4.2/src/actions/lock.cpp:57:34:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	QString customCommand = config->read("Custom Command", "").toString();
data/kshutdown-4.2/src/actions/test.cpp:73:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	m_textField->setText(config->read("Text", "").toString());
data/kshutdown-4.2/src/bookmarks.cpp:162:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	int count = config->read("Count", 0).toInt();
data/kshutdown-4.2/src/bookmarks.cpp:167:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
				config->read("Text " + index, "").toString(),
data/kshutdown-4.2/src/bookmarks.cpp:169:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
				config->read("Action " + index, "").toString(),
data/kshutdown-4.2/src/bookmarks.cpp:170:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
				config->read("Trigger " + index, "").toString(),
data/kshutdown-4.2/src/bookmarks.cpp:171:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
				config->read("Action Option " + index, "").toString(),
data/kshutdown-4.2/src/bookmarks.cpp:172:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
				config->read("Trigger Option " + index, "").toString()
data/kshutdown-4.2/src/bookmarks.cpp:174:46:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			bookmarkAction->m_confirmAction = config->read("Confirm Action " + index, true).toBool();
data/kshutdown-4.2/src/config.cpp:126:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
QVariant Config::read(const QString &key, const QVariant &defaultValue) {
data/kshutdown-4.2/src/config.cpp:145:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	bool result = config->read(key, defaultValue).toBool();
data/kshutdown-4.2/src/config.cpp:217:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		m_lazyVariant = config->read(m_key, m_defaultVariant);
data/kshutdown-4.2/src/config.h:64:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	QVariant read(const QString &key, const QVariant &defaultValue);
data/kshutdown-4.2/src/kshutdown.cpp:490:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	m_dateTime = config->read("Date Time", m_dateTime).toDateTime();
data/kshutdown-4.2/src/mainwindow.cpp:1066:42:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
void MainWindow::pluginConfig(const bool read) {
data/kshutdown-4.2/src/mainwindow.cpp:1071:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		if (read)
data/kshutdown-4.2/src/mainwindow.cpp:1080:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		if (read)
data/kshutdown-4.2/src/mainwindow.cpp:1093:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	setSelectedAction(config->read("Selected Action", "shutdown").toString());
data/kshutdown-4.2/src/mainwindow.cpp:1094:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	setSelectedTrigger(config->read("Selected Trigger", "time-from-now").toString());
data/kshutdown-4.2/src/mainwindow.h:131:38:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	static void pluginConfig(const bool read);
data/kshutdown-4.2/src/mod.cpp:113:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	QString configMod = config->read("Value", "").toString();
data/kshutdown-4.2/src/password.cpp:110:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	QString hash = config->read("Hash", "").toString();
data/kshutdown-4.2/src/password.cpp:245:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		config->read("Hash", "").toString().isEmpty()
data/kshutdown-4.2/src/preferences.cpp:72:42:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	int currentTabIndex = qBound(0, config->read("Current Tab Index", 0).toInt(), m_tabs->count() - 1);
data/kshutdown-4.2/src/preferences.cpp:148:33:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	m_lockCommand->setText(config->read("Custom Command", "").toString());
data/kshutdown-4.2/src/stats.cpp:40:34:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	m_textView->setPlainText(Utils::read(process, ok));
data/kshutdown-4.2/src/triggers/processmonitor.cpp:145:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	m_recentCommand = config->read("Recent Command", "").toString();
data/kshutdown-4.2/src/triggers/processmonitor.cpp:272:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	QString text = Utils::read(process, ok);
data/kshutdown-4.2/src/utils.cpp:326:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
QString Utils::read(QProcess &process, bool &ok) {
data/kshutdown-4.2/src/utils.h:66:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	static QString read(QProcess &process, bool &ok);

ANALYSIS SUMMARY:

Hits = 35
Lines analyzed = 10054 in approximately 0.98 seconds (10286 lines/second)
Physical Source Lines of Code (SLOC) = 6831
Hits@level = [0]   0 [1]  32 [2]   1 [3]   0 [4]   2 [5]   0
Hits@level+ = [0+]  35 [1+]  35 [2+]   3 [3+]   2 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 5.1237 [1+] 5.1237 [2+] 0.439174 [3+] 0.292783 [4+] 0.292783 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.