Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ktimetracker-5.0.1/src/timetrackerwidget.h
Examining data/ktimetracker-5.0.1/src/treeviewheadercontextmenu.h
Examining data/ktimetracker-5.0.1/src/idletimedetector.cpp
Examining data/ktimetracker-5.0.1/src/file/filecalendar.h
Examining data/ktimetracker-5.0.1/src/file/icalformatkio.cpp
Examining data/ktimetracker-5.0.1/src/file/icalformatkio.h
Examining data/ktimetracker-5.0.1/src/file/filecalendar.cpp
Examining data/ktimetracker-5.0.1/src/tray.h
Examining data/ktimetracker-5.0.1/src/treeviewheadercontextmenu.cpp
Examining data/ktimetracker-5.0.1/src/timetrackerstorage.h
Examining data/ktimetracker-5.0.1/src/export/totalsastext.cpp
Examining data/ktimetracker-5.0.1/src/export/csvhistory.h
Examining data/ktimetracker-5.0.1/src/export/csvhistory.cpp
Examining data/ktimetracker-5.0.1/src/export/csvtotals.cpp
Examining data/ktimetracker-5.0.1/src/export/csvtotals.h
Examining data/ktimetracker-5.0.1/src/export/export.cpp
Examining data/ktimetracker-5.0.1/src/export/export.h
Examining data/ktimetracker-5.0.1/src/export/totalsastext.h
Examining data/ktimetracker-5.0.1/src/ktimetrackerutility.h
Examining data/ktimetracker-5.0.1/src/taskview.h
Examining data/ktimetracker-5.0.1/src/timetrackerwidget.cpp
Examining data/ktimetracker-5.0.1/src/idletimedetector.h
Examining data/ktimetracker-5.0.1/src/tray.cpp
Examining data/ktimetracker-5.0.1/src/import/plannerparser.cpp
Examining data/ktimetracker-5.0.1/src/import/plannerparser.h
Examining data/ktimetracker-5.0.1/src/settings/ktimetrackerconfigdialog.cpp
Examining data/ktimetracker-5.0.1/src/settings/ktimetrackerconfigdialog.h
Examining data/ktimetracker-5.0.1/src/dialogs/historydialog.h
Examining data/ktimetracker-5.0.1/src/dialogs/exportdialog.h
Examining data/ktimetracker-5.0.1/src/dialogs/edittimedialog.cpp
Examining data/ktimetracker-5.0.1/src/dialogs/taskpropertiesdialog.h
Examining data/ktimetracker-5.0.1/src/dialogs/historydialog.cpp
Examining data/ktimetracker-5.0.1/src/dialogs/exportdialog.cpp
Examining data/ktimetracker-5.0.1/src/dialogs/taskpropertiesdialog.cpp
Examining data/ktimetracker-5.0.1/src/dialogs/edittimedialog.h
Examining data/ktimetracker-5.0.1/src/mainwindow.h
Examining data/ktimetracker-5.0.1/src/desktoptracker.h
Examining data/ktimetracker-5.0.1/src/desktoptracker.cpp
Examining data/ktimetracker-5.0.1/src/model/event.cpp
Examining data/ktimetracker-5.0.1/src/model/tasksmodelitem.h
Examining data/ktimetracker-5.0.1/src/model/event.h
Examining data/ktimetracker-5.0.1/src/model/tasksmodelitem.cpp
Examining data/ktimetracker-5.0.1/src/model/task.cpp
Examining data/ktimetracker-5.0.1/src/model/eventsmodel.cpp
Examining data/ktimetracker-5.0.1/src/model/projectmodel.cpp
Examining data/ktimetracker-5.0.1/src/model/task.h
Examining data/ktimetracker-5.0.1/src/model/tasksmodel.cpp
Examining data/ktimetracker-5.0.1/src/model/eventsmodel.h
Examining data/ktimetracker-5.0.1/src/model/projectmodel.h
Examining data/ktimetracker-5.0.1/src/model/tasksmodel.h
Examining data/ktimetracker-5.0.1/src/focusdetector.h
Examining data/ktimetracker-5.0.1/src/mainwindow.cpp
Examining data/ktimetracker-5.0.1/src/widgets/taskswidget.cpp
Examining data/ktimetracker-5.0.1/src/widgets/searchline.cpp
Examining data/ktimetracker-5.0.1/src/widgets/taskswidget.h
Examining data/ktimetracker-5.0.1/src/widgets/searchline.h
Examining data/ktimetracker-5.0.1/src/timetrackerstorage.cpp
Examining data/ktimetracker-5.0.1/src/desktoplist.h
Examining data/ktimetracker-5.0.1/src/taskview.cpp
Examining data/ktimetracker-5.0.1/src/tests/plannerparsertest.cpp
Examining data/ktimetracker-5.0.1/src/tests/formattimetest.cpp
Examining data/ktimetracker-5.0.1/src/tests/tasktest.cpp
Examining data/ktimetracker-5.0.1/src/tests/storagetest.cpp
Examining data/ktimetracker-5.0.1/src/tests/helpers.h
Examining data/ktimetracker-5.0.1/src/tests/exportcsvtest.cpp
Examining data/ktimetracker-5.0.1/src/tests/helpers.cpp
Examining data/ktimetracker-5.0.1/src/reportcriteria.h
Examining data/ktimetracker-5.0.1/src/focusdetector.cpp
Examining data/ktimetracker-5.0.1/src/main.cpp
Examining data/ktimetracker-5.0.1/src/ktimetrackerutility.cpp

FINAL RESULTS:

data/ktimetracker-5.0.1/src/ktimetrackerutility.cpp:33:14: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    time.sprintf("%.2f", minutes / 60.0);
data/ktimetracker-5.0.1/src/ktimetrackerutility.cpp:37:14: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    time.sprintf(
data/ktimetracker-5.0.1/src/export/export.cpp:59:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!f.open(QIODevice::WriteOnly)) {
data/ktimetracker-5.0.1/src/file/icalformatkio.cpp:46:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!file.open(QIODevice::ReadOnly)) {
data/ktimetracker-5.0.1/src/file/icalformatkio.cpp:102:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!file.open(QIODevice::WriteOnly)) {
data/ktimetracker-5.0.1/src/tests/helpers.cpp:50:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!file->open()) {
data/ktimetracker-5.0.1/src/tests/helpers.cpp:95:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!file.open(QFile::ReadOnly | QFile::Text)) {
data/ktimetracker-5.0.1/src/timetrackerwidget.cpp:150:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    KStandardAction::open(this, &TimeTrackerWidget::openFileDialog, actionCollection);

ANALYSIS SUMMARY:

Hits = 8
Lines analyzed = 9978 in approximately 0.63 seconds (15777 lines/second)
Physical Source Lines of Code (SLOC) = 5987
Hits@level = [0] 0 [1] 0 [2] 6 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 8 [1+] 8 [2+] 8 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 1.33623 [1+] 1.33623 [2+] 1.33623 [3+] 0.334057 [4+] 0.334057 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.