Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ktikz-0.12+ds1/app/aboutdialog.cpp
Examining data/ktikz-0.12+ds1/app/aboutdialog.h
Examining data/ktikz-0.12+ds1/app/assistantcontroller.cpp
Examining data/ktikz-0.12+ds1/app/assistantcontroller.h
Examining data/ktikz-0.12+ds1/app/configappearancewidget.cpp
Examining data/ktikz-0.12+ds1/app/configappearancewidget.h
Examining data/ktikz-0.12+ds1/app/configdialog.cpp
Examining data/ktikz-0.12+ds1/app/configdialog.h
Examining data/ktikz-0.12+ds1/app/configeditorwidget.cpp
Examining data/ktikz-0.12+ds1/app/configeditorwidget.h
Examining data/ktikz-0.12+ds1/app/configgeneralwidget.cpp
Examining data/ktikz-0.12+ds1/app/configgeneralwidget.h
Examining data/ktikz-0.12+ds1/app/configpreviewwidget.cpp
Examining data/ktikz-0.12+ds1/app/configpreviewwidget.h
Examining data/ktikz-0.12+ds1/app/editgotolinewidget.cpp
Examining data/ktikz-0.12+ds1/app/editgotolinewidget.h
Examining data/ktikz-0.12+ds1/app/editindentwidget.cpp
Examining data/ktikz-0.12+ds1/app/editindentwidget.h
Examining data/ktikz-0.12+ds1/app/editreplacecurrentwidget.cpp
Examining data/ktikz-0.12+ds1/app/editreplacecurrentwidget.h
Examining data/ktikz-0.12+ds1/app/editreplacewidget.cpp
Examining data/ktikz-0.12+ds1/app/editreplacewidget.h
Examining data/ktikz-0.12+ds1/app/ktikzapplication.cpp
Examining data/ktikz-0.12+ds1/app/ktikzapplication.h
Examining data/ktikz-0.12+ds1/app/linenumberwidget.cpp
Examining data/ktikz-0.12+ds1/app/linenumberwidget.h
Examining data/ktikz-0.12+ds1/app/loghighlighter.cpp
Examining data/ktikz-0.12+ds1/app/loghighlighter.h
Examining data/ktikz-0.12+ds1/app/logtextedit.cpp
Examining data/ktikz-0.12+ds1/app/logtextedit.h
Examining data/ktikz-0.12+ds1/app/main.cpp
Examining data/ktikz-0.12+ds1/app/mainwindow.cpp
Examining data/ktikz-0.12+ds1/app/mainwindow.h
Examining data/ktikz-0.12+ds1/app/tikzcommandinserter.cpp
Examining data/ktikz-0.12+ds1/app/tikzcommandinserter.h
Examining data/ktikz-0.12+ds1/app/tikzcommandwidget.cpp
Examining data/ktikz-0.12+ds1/app/tikzcommandwidget.h
Examining data/ktikz-0.12+ds1/app/tikzdocumentationcontroller.cpp
Examining data/ktikz-0.12+ds1/app/tikzdocumentationcontroller.h
Examining data/ktikz-0.12+ds1/app/tikzeditor.h
Examining data/ktikz-0.12+ds1/app/tikzeditorhighlighter.cpp
Examining data/ktikz-0.12+ds1/app/tikzeditorhighlighter.h
Examining data/ktikz-0.12+ds1/app/tikzeditorview.cpp
Examining data/ktikz-0.12+ds1/app/tikzeditorview.h
Examining data/ktikz-0.12+ds1/app/usercommandeditdialog.cpp
Examining data/ktikz-0.12+ds1/app/usercommandeditdialog.h
Examining data/ktikz-0.12+ds1/app/usercommandinserter.cpp
Examining data/ktikz-0.12+ds1/app/usercommandinserter.h
Examining data/ktikz-0.12+ds1/app/tikzeditor.cpp
Examining data/ktikz-0.12+ds1/common/mainwidget.h
Examining data/ktikz-0.12+ds1/common/templatewidget.cpp
Examining data/ktikz-0.12+ds1/common/templatewidget.h
Examining data/ktikz-0.12+ds1/common/textcodecprofile.h
Examining data/ktikz-0.12+ds1/common/tikzpreview.cpp
Examining data/ktikz-0.12+ds1/common/tikzpreview.h
Examining data/ktikz-0.12+ds1/common/tikzpreviewcontroller.cpp
Examining data/ktikz-0.12+ds1/common/tikzpreviewcontroller.h
Examining data/ktikz-0.12+ds1/common/tikzpreviewgenerator.cpp
Examining data/ktikz-0.12+ds1/common/tikzpreviewgenerator.h
Examining data/ktikz-0.12+ds1/common/tikzpreviewmessagewidget.cpp
Examining data/ktikz-0.12+ds1/common/tikzpreviewmessagewidget.h
Examining data/ktikz-0.12+ds1/common/tikzpreviewrenderer.cpp
Examining data/ktikz-0.12+ds1/common/tikzpreviewrenderer.h
Examining data/ktikz-0.12+ds1/common/utils/action.cpp
Examining data/ktikz-0.12+ds1/common/utils/action.h
Examining data/ktikz-0.12+ds1/common/utils/colorbutton.cpp
Examining data/ktikz-0.12+ds1/common/utils/colorbutton.h
Examining data/ktikz-0.12+ds1/common/utils/colordialog.h
Examining data/ktikz-0.12+ds1/common/utils/combobox.cpp
Examining data/ktikz-0.12+ds1/common/utils/combobox.h
Examining data/ktikz-0.12+ds1/common/utils/file.cpp
Examining data/ktikz-0.12+ds1/common/utils/file.h
Examining data/ktikz-0.12+ds1/common/utils/filedialog.cpp
Examining data/ktikz-0.12+ds1/common/utils/filedialog.h
Examining data/ktikz-0.12+ds1/common/utils/fontdialog.h
Examining data/ktikz-0.12+ds1/common/utils/globallocale.cpp
Examining data/ktikz-0.12+ds1/common/utils/globallocale.h
Examining data/ktikz-0.12+ds1/common/utils/icon.h
Examining data/ktikz-0.12+ds1/common/utils/lineedit.cpp
Examining data/ktikz-0.12+ds1/common/utils/lineedit.h
Examining data/ktikz-0.12+ds1/common/utils/messagebox.cpp
Examining data/ktikz-0.12+ds1/common/utils/messagebox.h
Examining data/ktikz-0.12+ds1/common/utils/pagedialog.cpp
Examining data/ktikz-0.12+ds1/common/utils/pagedialog.h
Examining data/ktikz-0.12+ds1/common/utils/printpreviewdialog.cpp
Examining data/ktikz-0.12+ds1/common/utils/printpreviewdialog.h
Examining data/ktikz-0.12+ds1/common/utils/recentfilesaction.cpp
Examining data/ktikz-0.12+ds1/common/utils/recentfilesaction.h
Examining data/ktikz-0.12+ds1/common/utils/selectaction.cpp
Examining data/ktikz-0.12+ds1/common/utils/selectaction.h
Examining data/ktikz-0.12+ds1/common/utils/standardaction.cpp
Examining data/ktikz-0.12+ds1/common/utils/standardaction.h
Examining data/ktikz-0.12+ds1/common/utils/tempdir.cpp
Examining data/ktikz-0.12+ds1/common/utils/tempdir.h
Examining data/ktikz-0.12+ds1/common/utils/toggleaction.cpp
Examining data/ktikz-0.12+ds1/common/utils/toggleaction.h
Examining data/ktikz-0.12+ds1/common/utils/toolbar.cpp
Examining data/ktikz-0.12+ds1/common/utils/toolbar.h
Examining data/ktikz-0.12+ds1/common/utils/url.cpp
Examining data/ktikz-0.12+ds1/common/utils/url.h
Examining data/ktikz-0.12+ds1/common/utils/urlcompletion.h
Examining data/ktikz-0.12+ds1/common/utils/zoomaction.cpp
Examining data/ktikz-0.12+ds1/common/utils/zoomaction.h
Examining data/ktikz-0.12+ds1/part/browserextension.cpp
Examining data/ktikz-0.12+ds1/part/browserextension.h
Examining data/ktikz-0.12+ds1/part/configdialog.cpp
Examining data/ktikz-0.12+ds1/part/configdialog.h
Examining data/ktikz-0.12+ds1/part/configgeneralwidget.cpp
Examining data/ktikz-0.12+ds1/part/configgeneralwidget.h
Examining data/ktikz-0.12+ds1/part/part.cpp
Examining data/ktikz-0.12+ds1/part/part.h

FINAL RESULTS:

data/ktikz-0.12+ds1/app/main.cpp:105:42:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	const QString locale = QString(QLocale::system().name());
data/ktikz-0.12+ds1/app/mainwindow.cpp:1100:94:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	m_mouseCoordinatesLabel->setText(tr("Preview: x = %1\ty = %2", "@info:status").arg(QLocale::system().toString(x, 'f', precisionX)).arg(QLocale::system().toString(y, 'f', precisionY)));
data/ktikz-0.12+ds1/app/mainwindow.cpp:1100:146:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	m_mouseCoordinatesLabel->setText(tr("Preview: x = %1\ty = %2", "@info:status").arg(QLocale::system().toString(x, 'f', precisionX)).arg(QLocale::system().toString(y, 'f', precisionY)));
data/ktikz-0.12+ds1/common/utils/globallocale.cpp:25:18:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	return QLocale::system().decimalPoint();
data/ktikz-0.12+ds1/common/utils/globallocale.cpp:30:18:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	return QLocale::system().toString(num, 'f', precision);
data/ktikz-0.12+ds1/app/mainwindow.cpp:333:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
void MainWindow::open()
data/ktikz-0.12+ds1/app/mainwindow.cpp:516:33:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	m_openAction = StandardAction::open(this, SLOT(open()), this);
data/ktikz-0.12+ds1/app/mainwindow.cpp:516:49:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	m_openAction = StandardAction::open(this, SLOT(open()), this);
data/ktikz-0.12+ds1/app/mainwindow.cpp:937:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!file.open(QFile::Text))
data/ktikz-0.12+ds1/app/mainwindow.cpp:992:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!file.open(QFile::Text))
data/ktikz-0.12+ds1/app/mainwindow.h:120:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	void open();
data/ktikz-0.12+ds1/app/tikzcommandinserter.cpp:192:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!tagsFile.open(QFile::ReadOnly))
data/ktikz-0.12+ds1/app/tikzcommandinserter.cpp:279:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!commandsFile.open(QIODevice::ReadOnly | QIODevice::Text))
data/ktikz-0.12+ds1/common/tikzpreviewgenerator.cpp:245:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!latexLogFile.open(QFile::ReadOnly | QIODevice::Text))
data/ktikz-0.12+ds1/common/tikzpreviewgenerator.cpp:284:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (tikzAuxFile.open(QFile::ReadOnly | QIODevice::Text))
data/ktikz-0.12+ds1/common/tikzpreviewgenerator.cpp:453:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!tikzTexFile.open())
data/ktikz-0.12+ds1/common/tikzpreviewgenerator.cpp:466:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			&& templateFile.open(QIODevice::ReadOnly | QIODevice::Text) // if user-specified template file is readable
data/ktikz-0.12+ds1/common/tikzpreviewgenerator.cpp:505:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!tikzFile.open(QFile::WriteOnly))
data/ktikz-0.12+ds1/common/utils/file.cpp:106:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
bool File::open(const QFile::OpenMode &mode)
data/ktikz-0.12+ds1/common/utils/file.cpp:112:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		return m_file->open( QFile::ReadWrite ); // XXX cannot use qobject_cast because QSaveFile doesn't have the Q_OBJECT macro
data/ktikz-0.12+ds1/common/utils/file.cpp:118:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		return m_file->open(QFile::ReadOnly | mode);
data/ktikz-0.12+ds1/common/utils/file.cpp:243:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
bool File::open(const QFile::OpenMode &mode)
data/ktikz-0.12+ds1/common/utils/file.cpp:246:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		return m_file->open(QFile::WriteOnly | mode);
data/ktikz-0.12+ds1/common/utils/file.cpp:248:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		return m_file->open(QFile::ReadOnly | mode);
data/ktikz-0.12+ds1/common/utils/file.h:104:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	bool open(const QFile::OpenMode &mode = 0);
data/ktikz-0.12+ds1/common/utils/standardaction.cpp:60:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
Action *open(const QObject *recvr, const char *slot, QObject *parent)
data/ktikz-0.12+ds1/common/utils/standardaction.cpp:62:37:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	return copyAction(KStandardAction::open(recvr, slot, parent), recvr, slot);
data/ktikz-0.12+ds1/common/utils/standardaction.cpp:301:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
Action *open(const QObject *recvr, const char *slot, QObject *parent)
data/ktikz-0.12+ds1/common/utils/standardaction.h:29:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
Action *open(const QObject *recvr, const char *slot, QObject *parent);
data/ktikz-0.12+ds1/part/part.cpp:165:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!file.open(QFile::ReadOnly | QFile::Text))

ANALYSIS SUMMARY:

Hits = 30
Lines analyzed = 14773 in approximately 0.93 seconds (15901 lines/second)
Physical Source Lines of Code (SLOC) = 10025
Hits@level = [0]   6 [1]   0 [2]  25 [3]   0 [4]   5 [5]   0
Hits@level+ = [0+]  36 [1+]  30 [2+]  30 [3+]   5 [4+]   5 [5+]   0
Hits/KSLOC@level+ = [0+] 3.59102 [1+] 2.99252 [2+] 2.99252 [3+] 0.498753 [4+] 0.498753 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.