Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ktorrent-5.2.0/ktmagnetdownloader/magnetdownloader.cpp
Examining data/ktorrent-5.2.0/ktmagnetdownloader/magnettest.cpp
Examining data/ktorrent-5.2.0/ktmagnetdownloader/magnettest.h
Examining data/ktorrent-5.2.0/ktorrent/app.cpp
Examining data/ktorrent-5.2.0/ktorrent/app.h
Examining data/ktorrent-5.2.0/ktorrent/core.cpp
Examining data/ktorrent-5.2.0/ktorrent/core.h
Examining data/ktorrent-5.2.0/ktorrent/dialogs/addpeersdlg.cpp
Examining data/ktorrent-5.2.0/ktorrent/dialogs/addpeersdlg.h
Examining data/ktorrent-5.2.0/ktorrent/dialogs/fileselectdlg.cpp
Examining data/ktorrent-5.2.0/ktorrent/dialogs/fileselectdlg.h
Examining data/ktorrent-5.2.0/ktorrent/dialogs/importdialog.cpp
Examining data/ktorrent-5.2.0/ktorrent/dialogs/importdialog.h
Examining data/ktorrent-5.2.0/ktorrent/dialogs/missingfilesdlg.cpp
Examining data/ktorrent-5.2.0/ktorrent/dialogs/missingfilesdlg.h
Examining data/ktorrent-5.2.0/ktorrent/dialogs/pastedialog.cpp
Examining data/ktorrent-5.2.0/ktorrent/dialogs/pastedialog.h
Examining data/ktorrent-5.2.0/ktorrent/dialogs/speedlimitsdlg.cpp
Examining data/ktorrent-5.2.0/ktorrent/dialogs/speedlimitsdlg.h
Examining data/ktorrent-5.2.0/ktorrent/dialogs/speedlimitsmodel.cpp
Examining data/ktorrent-5.2.0/ktorrent/dialogs/speedlimitsmodel.h
Examining data/ktorrent-5.2.0/ktorrent/dialogs/spinboxdelegate.cpp
Examining data/ktorrent-5.2.0/ktorrent/dialogs/spinboxdelegate.h
Examining data/ktorrent-5.2.0/ktorrent/dialogs/torrentcreatordlg.cpp
Examining data/ktorrent-5.2.0/ktorrent/dialogs/torrentcreatordlg.h
Examining data/ktorrent-5.2.0/ktorrent/groups/groupfiltermodel.cpp
Examining data/ktorrent-5.2.0/ktorrent/groups/groupfiltermodel.h
Examining data/ktorrent-5.2.0/ktorrent/groups/grouppolicydlg.cpp
Examining data/ktorrent-5.2.0/ktorrent/groups/grouppolicydlg.h
Examining data/ktorrent-5.2.0/ktorrent/groups/groupswitcher.cpp
Examining data/ktorrent-5.2.0/ktorrent/groups/groupswitcher.h
Examining data/ktorrent-5.2.0/ktorrent/groups/groupview.cpp
Examining data/ktorrent-5.2.0/ktorrent/groups/groupview.h
Examining data/ktorrent-5.2.0/ktorrent/groups/groupviewmodel.cpp
Examining data/ktorrent-5.2.0/ktorrent/groups/groupviewmodel.h
Examining data/ktorrent-5.2.0/ktorrent/gui.cpp
Examining data/ktorrent-5.2.0/ktorrent/gui.h
Examining data/ktorrent-5.2.0/ktorrent/ipfilterlist.cpp
Examining data/ktorrent-5.2.0/ktorrent/ipfilterlist.h
Examining data/ktorrent-5.2.0/ktorrent/ipfilterwidget.cpp
Examining data/ktorrent-5.2.0/ktorrent/ipfilterwidget.h
Examining data/ktorrent-5.2.0/ktorrent/main.cpp
Examining data/ktorrent-5.2.0/ktorrent/pref/advancedpref.cpp
Examining data/ktorrent-5.2.0/ktorrent/pref/advancedpref.h
Examining data/ktorrent-5.2.0/ktorrent/pref/btpref.cpp
Examining data/ktorrent-5.2.0/ktorrent/pref/btpref.h
Examining data/ktorrent-5.2.0/ktorrent/pref/generalpref.cpp
Examining data/ktorrent-5.2.0/ktorrent/pref/generalpref.h
Examining data/ktorrent-5.2.0/ktorrent/pref/networkpref.cpp
Examining data/ktorrent-5.2.0/ktorrent/pref/networkpref.h
Examining data/ktorrent-5.2.0/ktorrent/pref/prefdialog.cpp
Examining data/ktorrent-5.2.0/ktorrent/pref/prefdialog.h
Examining data/ktorrent-5.2.0/ktorrent/pref/proxypref.cpp
Examining data/ktorrent-5.2.0/ktorrent/pref/proxypref.h
Examining data/ktorrent-5.2.0/ktorrent/pref/qmpref.cpp
Examining data/ktorrent-5.2.0/ktorrent/pref/qmpref.h
Examining data/ktorrent-5.2.0/ktorrent/pref/recommendedsettingsdlg.cpp
Examining data/ktorrent-5.2.0/ktorrent/pref/recommendedsettingsdlg.h
Examining data/ktorrent-5.2.0/ktorrent/statusbar.cpp
Examining data/ktorrent-5.2.0/ktorrent/statusbar.h
Examining data/ktorrent-5.2.0/ktorrent/statusbarofflineindicator.cpp
Examining data/ktorrent-5.2.0/ktorrent/statusbarofflineindicator.h
Examining data/ktorrent-5.2.0/ktorrent/tools/magnetmodel.cpp
Examining data/ktorrent-5.2.0/ktorrent/tools/magnetmodel.h
Examining data/ktorrent-5.2.0/ktorrent/tools/magnetview.cpp
Examining data/ktorrent-5.2.0/ktorrent/tools/magnetview.h
Examining data/ktorrent-5.2.0/ktorrent/tools/queuemanagermodel.cpp
Examining data/ktorrent-5.2.0/ktorrent/tools/queuemanagermodel.h
Examining data/ktorrent-5.2.0/ktorrent/tools/queuemanagerwidget.cpp
Examining data/ktorrent-5.2.0/ktorrent/tools/queuemanagerwidget.h
Examining data/ktorrent-5.2.0/ktorrent/torrentactivity.cpp
Examining data/ktorrent-5.2.0/ktorrent/torrentactivity.h
Examining data/ktorrent-5.2.0/ktorrent/trayicon.cpp
Examining data/ktorrent-5.2.0/ktorrent/trayicon.h
Examining data/ktorrent-5.2.0/ktorrent/view/propertiesdlg.cpp
Examining data/ktorrent-5.2.0/ktorrent/view/propertiesdlg.h
Examining data/ktorrent-5.2.0/ktorrent/view/scanextender.cpp
Examining data/ktorrent-5.2.0/ktorrent/view/scanextender.h
Examining data/ktorrent-5.2.0/ktorrent/view/torrentsearchbar.cpp
Examining data/ktorrent-5.2.0/ktorrent/view/torrentsearchbar.h
Examining data/ktorrent-5.2.0/ktorrent/view/view.cpp
Examining data/ktorrent-5.2.0/ktorrent/view/view.h
Examining data/ktorrent-5.2.0/ktorrent/view/viewdelegate.cpp
Examining data/ktorrent-5.2.0/ktorrent/view/viewdelegate.h
Examining data/ktorrent-5.2.0/ktorrent/view/viewjobtracker.cpp
Examining data/ktorrent-5.2.0/ktorrent/view/viewjobtracker.h
Examining data/ktorrent-5.2.0/ktorrent/view/viewmodel.cpp
Examining data/ktorrent-5.2.0/ktorrent/view/viewmodel.h
Examining data/ktorrent-5.2.0/ktorrent/view/viewselectionmodel.cpp
Examining data/ktorrent-5.2.0/ktorrent/view/viewselectionmodel.h
Examining data/ktorrent-5.2.0/ktupnptest/main.cpp
Examining data/ktorrent-5.2.0/ktupnptest/upnptestwidget.cpp
Examining data/ktorrent-5.2.0/ktupnptest/upnptestwidget.h
Examining data/ktorrent-5.2.0/libktcore/dbus/dbus.cpp
Examining data/ktorrent-5.2.0/libktcore/dbus/dbus.h
Examining data/ktorrent-5.2.0/libktcore/dbus/dbusgroup.cpp
Examining data/ktorrent-5.2.0/libktcore/dbus/dbusgroup.h
Examining data/ktorrent-5.2.0/libktcore/dbus/dbussettings.cpp
Examining data/ktorrent-5.2.0/libktcore/dbus/dbussettings.h
Examining data/ktorrent-5.2.0/libktcore/dbus/dbustorrent.cpp
Examining data/ktorrent-5.2.0/libktcore/dbus/dbustorrent.h
Examining data/ktorrent-5.2.0/libktcore/dbus/dbustorrentfile.cpp
Examining data/ktorrent-5.2.0/libktcore/dbus/dbustorrentfile.h
Examining data/ktorrent-5.2.0/libktcore/dbus/dbustorrentfilestream.cpp
Examining data/ktorrent-5.2.0/libktcore/dbus/dbustorrentfilestream.h
Examining data/ktorrent-5.2.0/libktcore/groups/allgroup.cpp
Examining data/ktorrent-5.2.0/libktcore/groups/allgroup.h
Examining data/ktorrent-5.2.0/libktcore/groups/functiongroup.cpp
Examining data/ktorrent-5.2.0/libktcore/groups/functiongroup.h
Examining data/ktorrent-5.2.0/libktcore/groups/group.cpp
Examining data/ktorrent-5.2.0/libktcore/groups/group.h
Examining data/ktorrent-5.2.0/libktcore/groups/groupmanager.cpp
Examining data/ktorrent-5.2.0/libktcore/groups/groupmanager.h
Examining data/ktorrent-5.2.0/libktcore/groups/torrentgroup.cpp
Examining data/ktorrent-5.2.0/libktcore/groups/torrentgroup.h
Examining data/ktorrent-5.2.0/libktcore/groups/ungroupedgroup.cpp
Examining data/ktorrent-5.2.0/libktcore/groups/ungroupedgroup.h
Examining data/ktorrent-5.2.0/libktcore/gui/centralwidget.cpp
Examining data/ktorrent-5.2.0/libktcore/gui/centralwidget.h
Examining data/ktorrent-5.2.0/libktcore/gui/extender.cpp
Examining data/ktorrent-5.2.0/libktcore/gui/extender.h
Examining data/ktorrent-5.2.0/libktcore/gui/tabbarwidget.cpp
Examining data/ktorrent-5.2.0/libktcore/gui/tabbarwidget.h
Examining data/ktorrent-5.2.0/libktcore/interfaces/activity.cpp
Examining data/ktorrent-5.2.0/libktcore/interfaces/activity.h
Examining data/ktorrent-5.2.0/libktcore/interfaces/coreinterface.cpp
Examining data/ktorrent-5.2.0/libktcore/interfaces/coreinterface.h
Examining data/ktorrent-5.2.0/libktcore/interfaces/functions.cpp
Examining data/ktorrent-5.2.0/libktcore/interfaces/functions.h
Examining data/ktorrent-5.2.0/libktcore/interfaces/guiinterface.cpp
Examining data/ktorrent-5.2.0/libktcore/interfaces/guiinterface.h
Examining data/ktorrent-5.2.0/libktcore/interfaces/plugin.cpp
Examining data/ktorrent-5.2.0/libktcore/interfaces/plugin.h
Examining data/ktorrent-5.2.0/libktcore/interfaces/prefpageinterface.cpp
Examining data/ktorrent-5.2.0/libktcore/interfaces/prefpageinterface.h
Examining data/ktorrent-5.2.0/libktcore/interfaces/torrentactivityinterface.cpp
Examining data/ktorrent-5.2.0/libktcore/interfaces/torrentactivityinterface.h
Examining data/ktorrent-5.2.0/libktcore/ktversion.h
Examining data/ktorrent-5.2.0/libktcore/plugin/pluginactivity.cpp
Examining data/ktorrent-5.2.0/libktcore/plugin/pluginactivity.h
Examining data/ktorrent-5.2.0/libktcore/plugin/pluginmanager.cpp
Examining data/ktorrent-5.2.0/libktcore/plugin/pluginmanager.h
Examining data/ktorrent-5.2.0/libktcore/torrent/basicjobprogresswidget.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/basicjobprogresswidget.h
Examining data/ktorrent-5.2.0/libktcore/torrent/chunkbar.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/chunkbar.h
Examining data/ktorrent-5.2.0/libktcore/torrent/chunkbarrenderer.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/chunkbarrenderer.h
Examining data/ktorrent-5.2.0/libktcore/torrent/jobprogresswidget.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/jobprogresswidget.h
Examining data/ktorrent-5.2.0/libktcore/torrent/jobtracker.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/jobtracker.h
Examining data/ktorrent-5.2.0/libktcore/torrent/magnetmanager.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/magnetmanager.h
Examining data/ktorrent-5.2.0/libktcore/torrent/queuemanager.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/queuemanager.h
Examining data/ktorrent-5.2.0/libktcore/torrent/torrentfilelistmodel.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/torrentfilelistmodel.h
Examining data/ktorrent-5.2.0/libktcore/torrent/torrentfilemodel.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/torrentfilemodel.h
Examining data/ktorrent-5.2.0/libktcore/torrent/torrentfiletreemodel.cpp
Examining data/ktorrent-5.2.0/libktcore/torrent/torrentfiletreemodel.h
Examining data/ktorrent-5.2.0/libktcore/util/indexofcompare.h
Examining data/ktorrent-5.2.0/libktcore/util/itemselectionmodel.cpp
Examining data/ktorrent-5.2.0/libktcore/util/itemselectionmodel.h
Examining data/ktorrent-5.2.0/libktcore/util/mmapfile.cpp
Examining data/ktorrent-5.2.0/libktcore/util/mmapfile.h
Examining data/ktorrent-5.2.0/libktcore/util/stringcompletionmodel.cpp
Examining data/ktorrent-5.2.0/libktcore/util/stringcompletionmodel.h
Examining data/ktorrent-5.2.0/libktcore/util/treefiltermodel.cpp
Examining data/ktorrent-5.2.0/libktcore/util/treefiltermodel.h
Examining data/ktorrent-5.2.0/plasma/applet/applet.cpp
Examining data/ktorrent-5.2.0/plasma/applet/applet.h
Examining data/ktorrent-5.2.0/plasma/applet/chunkbar.cpp
Examining data/ktorrent-5.2.0/plasma/applet/chunkbar.h
Examining data/ktorrent-5.2.0/plasma/applet/fadingitem.cpp
Examining data/ktorrent-5.2.0/plasma/applet/fadingitem.h
Examining data/ktorrent-5.2.0/plasma/applet/fadingnavigationwidget.cpp
Examining data/ktorrent-5.2.0/plasma/applet/fadingnavigationwidget.h
Examining data/ktorrent-5.2.0/plasma/dataengine/coredbusinterface.cpp
Examining data/ktorrent-5.2.0/plasma/dataengine/coredbusinterface.h
Examining data/ktorrent-5.2.0/plasma/dataengine/engine.cpp
Examining data/ktorrent-5.2.0/plasma/dataengine/engine.h
Examining data/ktorrent-5.2.0/plasma/dataengine/torrentdbusinterface.cpp
Examining data/ktorrent-5.2.0/plasma/dataengine/torrentdbusinterface.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/bwprefpage.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/bwprefpage.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/bwschedulerplugin.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/bwschedulerplugin.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/edititemdlg.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/edititemdlg.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/guidanceline.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/guidanceline.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/schedule.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/schedule.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/scheduleeditor.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/scheduleeditor.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/schedulegraphicsitem.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/schedulegraphicsitem.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/weekdaymodel.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/weekdaymodel.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/weekscene.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/weekscene.h
Examining data/ktorrent-5.2.0/plugins/bwscheduler/weekview.cpp
Examining data/ktorrent-5.2.0/plugins/bwscheduler/weekview.h
Examining data/ktorrent-5.2.0/plugins/downloadorder/downloadorderdialog.cpp
Examining data/ktorrent-5.2.0/plugins/downloadorder/downloadorderdialog.h
Examining data/ktorrent-5.2.0/plugins/downloadorder/downloadordermanager.cpp
Examining data/ktorrent-5.2.0/plugins/downloadorder/downloadordermanager.h
Examining data/ktorrent-5.2.0/plugins/downloadorder/downloadordermodel.cpp
Examining data/ktorrent-5.2.0/plugins/downloadorder/downloadordermodel.h
Examining data/ktorrent-5.2.0/plugins/downloadorder/downloadorderplugin.cpp
Examining data/ktorrent-5.2.0/plugins/downloadorder/downloadorderplugin.h
Examining data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c
Examining data/ktorrent-5.2.0/plugins/infowidget/GeoIP.h
Examining data/ktorrent-5.2.0/plugins/infowidget/addtrackersdialog.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/addtrackersdialog.h
Examining data/ktorrent-5.2.0/plugins/infowidget/availabilitychunkbar.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/availabilitychunkbar.h
Examining data/ktorrent-5.2.0/plugins/infowidget/chunkdownloadmodel.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/chunkdownloadmodel.h
Examining data/ktorrent-5.2.0/plugins/infowidget/chunkdownloadview.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/chunkdownloadview.h
Examining data/ktorrent-5.2.0/plugins/infowidget/downloadedchunkbar.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/downloadedchunkbar.h
Examining data/ktorrent-5.2.0/plugins/infowidget/fileview.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/fileview.h
Examining data/ktorrent-5.2.0/plugins/infowidget/flagdb.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/flagdb.h
Examining data/ktorrent-5.2.0/plugins/infowidget/geoipmanager.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/geoipmanager.h
Examining data/ktorrent-5.2.0/plugins/infowidget/infowidgetplugin.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/infowidgetplugin.h
Examining data/ktorrent-5.2.0/plugins/infowidget/iwfilelistmodel.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/iwfilelistmodel.h
Examining data/ktorrent-5.2.0/plugins/infowidget/iwfiletreemodel.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/iwfiletreemodel.h
Examining data/ktorrent-5.2.0/plugins/infowidget/iwprefpage.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/iwprefpage.h
Examining data/ktorrent-5.2.0/plugins/infowidget/monitor.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/monitor.h
Examining data/ktorrent-5.2.0/plugins/infowidget/peerview.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/peerview.h
Examining data/ktorrent-5.2.0/plugins/infowidget/peerviewmodel.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/peerviewmodel.h
Examining data/ktorrent-5.2.0/plugins/infowidget/statustab.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/statustab.h
Examining data/ktorrent-5.2.0/plugins/infowidget/trackermodel.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/trackermodel.h
Examining data/ktorrent-5.2.0/plugins/infowidget/trackerview.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/trackerview.h
Examining data/ktorrent-5.2.0/plugins/infowidget/webseedsmodel.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/webseedsmodel.h
Examining data/ktorrent-5.2.0/plugins/infowidget/webseedstab.cpp
Examining data/ktorrent-5.2.0/plugins/infowidget/webseedstab.h
Examining data/ktorrent-5.2.0/plugins/ipfilter/convertdialog.cpp
Examining data/ktorrent-5.2.0/plugins/ipfilter/convertdialog.h
Examining data/ktorrent-5.2.0/plugins/ipfilter/convertthread.cpp
Examining data/ktorrent-5.2.0/plugins/ipfilter/convertthread.h
Examining data/ktorrent-5.2.0/plugins/ipfilter/downloadandconvertjob.cpp
Examining data/ktorrent-5.2.0/plugins/ipfilter/downloadandconvertjob.h
Examining data/ktorrent-5.2.0/plugins/ipfilter/ipblockingprefpage.cpp
Examining data/ktorrent-5.2.0/plugins/ipfilter/ipblockingprefpage.h
Examining data/ktorrent-5.2.0/plugins/ipfilter/ipblocklist.cpp
Examining data/ktorrent-5.2.0/plugins/ipfilter/ipblocklist.h
Examining data/ktorrent-5.2.0/plugins/ipfilter/ipfilterplugin.cpp
Examining data/ktorrent-5.2.0/plugins/ipfilter/ipfilterplugin.h
Examining data/ktorrent-5.2.0/plugins/ipfilter/tests/ipblocklisttest.cpp
Examining data/ktorrent-5.2.0/plugins/logviewer/logflags.cpp
Examining data/ktorrent-5.2.0/plugins/logviewer/logflags.h
Examining data/ktorrent-5.2.0/plugins/logviewer/logflagsdelegate.cpp
Examining data/ktorrent-5.2.0/plugins/logviewer/logflagsdelegate.h
Examining data/ktorrent-5.2.0/plugins/logviewer/logprefpage.cpp
Examining data/ktorrent-5.2.0/plugins/logviewer/logprefpage.h
Examining data/ktorrent-5.2.0/plugins/logviewer/logviewer.cpp
Examining data/ktorrent-5.2.0/plugins/logviewer/logviewer.h
Examining data/ktorrent-5.2.0/plugins/logviewer/logviewerplugin.cpp
Examining data/ktorrent-5.2.0/plugins/logviewer/logviewerplugin.h
Examining data/ktorrent-5.2.0/plugins/magnetgenerator/magnetgeneratorplugin.cpp
Examining data/ktorrent-5.2.0/plugins/magnetgenerator/magnetgeneratorplugin.h
Examining data/ktorrent-5.2.0/plugins/magnetgenerator/magnetgeneratorprefwidget.cpp
Examining data/ktorrent-5.2.0/plugins/magnetgenerator/magnetgeneratorprefwidget.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediacontroller.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediacontroller.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediafile.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediafile.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediafilestream.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediafilestream.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediamodel.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediamodel.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayer.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayer.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayeractivity.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayeractivity.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayerplugin.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayerplugin.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediaview.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/mediaview.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/playlist.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/playlist.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/playlistwidget.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/playlistwidget.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/videochunkbar.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/videochunkbar.h
Examining data/ktorrent-5.2.0/plugins/mediaplayer/videowidget.cpp
Examining data/ktorrent-5.2.0/plugins/mediaplayer/videowidget.h
Examining data/ktorrent-5.2.0/plugins/scanfolder/scanfolder.cpp
Examining data/ktorrent-5.2.0/plugins/scanfolder/scanfolder.h
Examining data/ktorrent-5.2.0/plugins/scanfolder/scanfolderplugin.cpp
Examining data/ktorrent-5.2.0/plugins/scanfolder/scanfolderplugin.h
Examining data/ktorrent-5.2.0/plugins/scanfolder/scanfolderprefpage.cpp
Examining data/ktorrent-5.2.0/plugins/scanfolder/scanfolderprefpage.h
Examining data/ktorrent-5.2.0/plugins/scanfolder/scanthread.cpp
Examining data/ktorrent-5.2.0/plugins/scanfolder/scanthread.h
Examining data/ktorrent-5.2.0/plugins/scanfolder/torrentloadqueue.cpp
Examining data/ktorrent-5.2.0/plugins/scanfolder/torrentloadqueue.h
Examining data/ktorrent-5.2.0/plugins/scripting/api/scriptablegroup.cpp
Examining data/ktorrent-5.2.0/plugins/scripting/api/scriptablegroup.h
Examining data/ktorrent-5.2.0/plugins/scripting/api/scriptingmodule.cpp
Examining data/ktorrent-5.2.0/plugins/scripting/api/scriptingmodule.h
Examining data/ktorrent-5.2.0/plugins/scripting/script.cpp
Examining data/ktorrent-5.2.0/plugins/scripting/script.h
Examining data/ktorrent-5.2.0/plugins/scripting/scriptdelegate.cpp
Examining data/ktorrent-5.2.0/plugins/scripting/scriptdelegate.h
Examining data/ktorrent-5.2.0/plugins/scripting/scriptingplugin.cpp
Examining data/ktorrent-5.2.0/plugins/scripting/scriptingplugin.h
Examining data/ktorrent-5.2.0/plugins/scripting/scriptmanager.cpp
Examining data/ktorrent-5.2.0/plugins/scripting/scriptmanager.h
Examining data/ktorrent-5.2.0/plugins/scripting/scriptmodel.cpp
Examining data/ktorrent-5.2.0/plugins/scripting/scriptmodel.h
Examining data/ktorrent-5.2.0/plugins/search/magneturlschemehandler.cpp
Examining data/ktorrent-5.2.0/plugins/search/magneturlschemehandler.h
Examining data/ktorrent-5.2.0/plugins/search/opensearchdownloadjob.cpp
Examining data/ktorrent-5.2.0/plugins/search/opensearchdownloadjob.h
Examining data/ktorrent-5.2.0/plugins/search/proxy_helper.cpp
Examining data/ktorrent-5.2.0/plugins/search/proxy_helper.h
Examining data/ktorrent-5.2.0/plugins/search/searchactivity.cpp
Examining data/ktorrent-5.2.0/plugins/search/searchactivity.h
Examining data/ktorrent-5.2.0/plugins/search/searchengine.cpp
Examining data/ktorrent-5.2.0/plugins/search/searchengine.h
Examining data/ktorrent-5.2.0/plugins/search/searchenginelist.cpp
Examining data/ktorrent-5.2.0/plugins/search/searchenginelist.h
Examining data/ktorrent-5.2.0/plugins/search/searchplugin.cpp
Examining data/ktorrent-5.2.0/plugins/search/searchplugin.h
Examining data/ktorrent-5.2.0/plugins/search/searchprefpage.cpp
Examining data/ktorrent-5.2.0/plugins/search/searchprefpage.h
Examining data/ktorrent-5.2.0/plugins/search/searchtoolbar.cpp
Examining data/ktorrent-5.2.0/plugins/search/searchtoolbar.h
Examining data/ktorrent-5.2.0/plugins/search/searchwidget.cpp
Examining data/ktorrent-5.2.0/plugins/search/searchwidget.h
Examining data/ktorrent-5.2.0/plugins/search/webview.cpp
Examining data/ktorrent-5.2.0/plugins/search/webview.h
Examining data/ktorrent-5.2.0/plugins/shutdown/shutdowndlg.cpp
Examining data/ktorrent-5.2.0/plugins/shutdown/shutdowndlg.h
Examining data/ktorrent-5.2.0/plugins/shutdown/shutdownplugin.cpp
Examining data/ktorrent-5.2.0/plugins/shutdown/shutdownplugin.h
Examining data/ktorrent-5.2.0/plugins/shutdown/shutdownruleset.cpp
Examining data/ktorrent-5.2.0/plugins/shutdown/shutdownruleset.h
Examining data/ktorrent-5.2.0/plugins/shutdown/shutdowntorrentmodel.cpp
Examining data/ktorrent-5.2.0/plugins/shutdown/shutdowntorrentmodel.h
Examining data/ktorrent-5.2.0/plugins/stats/ConnsTabPage.cc
Examining data/ktorrent-5.2.0/plugins/stats/ConnsTabPage.h
Examining data/ktorrent-5.2.0/plugins/stats/DisplaySettingsPage.cc
Examining data/ktorrent-5.2.0/plugins/stats/DisplaySettingsPage.h
Examining data/ktorrent-5.2.0/plugins/stats/PluginPage.cc
Examining data/ktorrent-5.2.0/plugins/stats/PluginPage.h
Examining data/ktorrent-5.2.0/plugins/stats/SettingsPage.cc
Examining data/ktorrent-5.2.0/plugins/stats/SettingsPage.h
Examining data/ktorrent-5.2.0/plugins/stats/SpdTabPage.cc
Examining data/ktorrent-5.2.0/plugins/stats/SpdTabPage.h
Examining data/ktorrent-5.2.0/plugins/stats/StatsPlugin.cc
Examining data/ktorrent-5.2.0/plugins/stats/StatsPlugin.h
Examining data/ktorrent-5.2.0/plugins/stats/drawer/ChartDrawer.cc
Examining data/ktorrent-5.2.0/plugins/stats/drawer/ChartDrawer.h
Examining data/ktorrent-5.2.0/plugins/stats/drawer/ChartDrawerData.cc
Examining data/ktorrent-5.2.0/plugins/stats/drawer/ChartDrawerData.h
Examining data/ktorrent-5.2.0/plugins/stats/drawer/KPlotWgtDrawer.cc
Examining data/ktorrent-5.2.0/plugins/stats/drawer/KPlotWgtDrawer.h
Examining data/ktorrent-5.2.0/plugins/stats/drawer/PlainChartDrawer.cc
Examining data/ktorrent-5.2.0/plugins/stats/drawer/PlainChartDrawer.h
Examining data/ktorrent-5.2.0/plugins/syndication/feedlist.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/feedlist.h
Examining data/ktorrent-5.2.0/plugins/syndication/feedlistdelegate.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/feedlistdelegate.h
Examining data/ktorrent-5.2.0/plugins/syndication/feedlistview.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/feedlistview.h
Examining data/ktorrent-5.2.0/plugins/syndication/feedretriever.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/feedretriever.h
Examining data/ktorrent-5.2.0/plugins/syndication/feedwidget.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/feedwidget.h
Examining data/ktorrent-5.2.0/plugins/syndication/feedwidgetmodel.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/feedwidgetmodel.h
Examining data/ktorrent-5.2.0/plugins/syndication/filter.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/filter.h
Examining data/ktorrent-5.2.0/plugins/syndication/filtereditor.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/filtereditor.h
Examining data/ktorrent-5.2.0/plugins/syndication/filterlist.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/filterlist.h
Examining data/ktorrent-5.2.0/plugins/syndication/filterlistmodel.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/filterlistmodel.h
Examining data/ktorrent-5.2.0/plugins/syndication/filterlistview.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/filterlistview.h
Examining data/ktorrent-5.2.0/plugins/syndication/ktfeed.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/ktfeed.h
Examining data/ktorrent-5.2.0/plugins/syndication/linkdownloader.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/linkdownloader.h
Examining data/ktorrent-5.2.0/plugins/syndication/managefiltersdlg.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/managefiltersdlg.h
Examining data/ktorrent-5.2.0/plugins/syndication/syndicationactivity.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/syndicationactivity.h
Examining data/ktorrent-5.2.0/plugins/syndication/syndicationplugin.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/syndicationplugin.h
Examining data/ktorrent-5.2.0/plugins/syndication/syndicationtab.cpp
Examining data/ktorrent-5.2.0/plugins/syndication/syndicationtab.h
Examining data/ktorrent-5.2.0/plugins/upnp/routermodel.cpp
Examining data/ktorrent-5.2.0/plugins/upnp/routermodel.h
Examining data/ktorrent-5.2.0/plugins/upnp/upnpplugin.cpp
Examining data/ktorrent-5.2.0/plugins/upnp/upnpplugin.h
Examining data/ktorrent-5.2.0/plugins/upnp/upnpwidget.cpp
Examining data/ktorrent-5.2.0/plugins/upnp/upnpwidget.h
Examining data/ktorrent-5.2.0/plugins/webinterface/actionhandler.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/actionhandler.h
Examining data/ktorrent-5.2.0/plugins/webinterface/challengegenerator.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/challengegenerator.h
Examining data/ktorrent-5.2.0/plugins/webinterface/globaldatagenerator.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/globaldatagenerator.h
Examining data/ktorrent-5.2.0/plugins/webinterface/httpclienthandler.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/httpclienthandler.h
Examining data/ktorrent-5.2.0/plugins/webinterface/httpresponseheader.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/httpresponseheader.h
Examining data/ktorrent-5.2.0/plugins/webinterface/httpserver.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/httpserver.h
Examining data/ktorrent-5.2.0/plugins/webinterface/iconhandler.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/iconhandler.h
Examining data/ktorrent-5.2.0/plugins/webinterface/loginhandler.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/loginhandler.h
Examining data/ktorrent-5.2.0/plugins/webinterface/logouthandler.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/logouthandler.h
Examining data/ktorrent-5.2.0/plugins/webinterface/settingsgenerator.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/settingsgenerator.h
Examining data/ktorrent-5.2.0/plugins/webinterface/torrentfilesgenerator.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/torrentfilesgenerator.h
Examining data/ktorrent-5.2.0/plugins/webinterface/torrentlistgenerator.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/torrentlistgenerator.h
Examining data/ktorrent-5.2.0/plugins/webinterface/torrentposthandler.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/torrentposthandler.h
Examining data/ktorrent-5.2.0/plugins/webinterface/webcontentgenerator.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/webcontentgenerator.h
Examining data/ktorrent-5.2.0/plugins/webinterface/webinterfaceplugin.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/webinterfaceplugin.h
Examining data/ktorrent-5.2.0/plugins/webinterface/webinterfaceprefwidget.cpp
Examining data/ktorrent-5.2.0/plugins/webinterface/webinterfaceprefwidget.h
Examining data/ktorrent-5.2.0/plugins/zeroconf/torrentservice.cpp
Examining data/ktorrent-5.2.0/plugins/zeroconf/torrentservice.h
Examining data/ktorrent-5.2.0/plugins/zeroconf/zeroconfplugin.cpp
Examining data/ktorrent-5.2.0/plugins/zeroconf/zeroconfplugin.h
FINAL RESULTS:
data/ktorrent-5.2.0/plugins/bwscheduler/edititemdlg.cpp:45:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale locale(QLocale::system());
data/ktorrent-5.2.0/plugins/bwscheduler/weekdaymodel.cpp:56:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return QLocale::system().dayName(index.row() + 1);
data/ktorrent-5.2.0/plugins/bwscheduler/weekscene.cpp:65:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
qreal w = fm.width(QLocale::system().dayName(i));
data/ktorrent-5.2.0/plugins/bwscheduler/weekscene.cpp:120:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QString day = QLocale::system().dayName(i + 1);
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:445:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gi->file_path, filename);
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:925:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(org_buf, buf);
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:931:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(org_buf, buf_pointer);
data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayeractivity.cpp:220:60: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
QModelIndex n = play_list->next(curr_item, random);
data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayeractivity.cpp:234:56: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
QModelIndex n = play_list->next(curr_item, random);
data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayeractivity.cpp:265:52: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
QModelIndex n = play_list->next(curr_item, random);
data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayeractivity.cpp:274:44: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
n = play_list->next(curr_item, random);
data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayeractivity.cpp:321:52: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
QModelIndex n = play_list->next(curr_item, random);
data/ktorrent-5.2.0/plugins/mediaplayer/mediaplayeractivity.cpp:330:44: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
n = play_list->next(curr_item, random);
data/ktorrent-5.2.0/plugins/mediaplayer/playlistwidget.cpp:208:67: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
QModelIndex PlayListWidget::next(const QModelIndex& idx, bool random) const
data/ktorrent-5.2.0/plugins/mediaplayer/playlistwidget.cpp:215:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!random)
data/ktorrent-5.2.0/plugins/mediaplayer/playlistwidget.cpp:224:19: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
else if (!random)
data/ktorrent-5.2.0/plugins/mediaplayer/playlistwidget.h:61:55: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
QModelIndex next(const QModelIndex& idx, bool random) const;
data/ktorrent-5.2.0/plugins/mediaplayer/playlistwidget.h:87:39: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void randomModeActivated(bool random);
data/ktorrent-5.2.0/ktmagnetdownloader/magnettest.cpp:133:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fptr.open(QStringLiteral("output.torrent"), QStringLiteral("wb")))
data/ktorrent-5.2.0/ktorrent/dialogs/importdialog.cpp:286:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file, QStringLiteral("wb")))
data/ktorrent-5.2.0/ktorrent/dialogs/importdialog.cpp:329:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/ktorrent/dialogs/importdialog.cpp:371:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file_info_file, QStringLiteral("wb")))
data/ktorrent-5.2.0/ktorrent/dialogs/importdialog.cpp:395:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/ktorrent/dialogs/importdialog.cpp:412:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/ktorrent/gui.cpp:394:50: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QAction * open_action = KStandardAction::open(this, SLOT(openTorrent()), ac);
data/ktorrent-5.2.0/ktorrent/ipfilterwidget.cpp:61:52: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
KGuiItem::assign(m_open, KStandardGuiItem::open());
data/ktorrent-5.2.0/ktorrent/ipfilterwidget.cpp:94:71: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
connect(m_open, &QPushButton::clicked, this, &IPFilterWidget::open);
data/ktorrent-5.2.0/ktorrent/ipfilterwidget.cpp:136:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void IPFilterWidget::open()
data/ktorrent-5.2.0/ktorrent/ipfilterwidget.cpp:170:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/ktorrent/ipfilterwidget.cpp:189:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dat.open(QIODevice::ReadOnly);
data/ktorrent-5.2.0/ktorrent/ipfilterwidget.h:52:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open() override;
data/ktorrent-5.2.0/ktorrent/main.cpp:71:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(QFile::encodeName(pid_file).data(), O_RDWR | O_CREAT, 0640);
data/ktorrent-5.2.0/ktorrent/main.cpp:84:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[20];
data/ktorrent-5.2.0/ktorrent/main.cpp:85:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%d\n", getpid());
data/ktorrent-5.2.0/libktcore/dbus/dbustorrentfilestream.cpp:39:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream->open(QIODevice::ReadOnly);
data/ktorrent-5.2.0/libktcore/groups/groupmanager.cpp:198:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(fn, QStringLiteral("wb")))
data/ktorrent-5.2.0/libktcore/groups/groupmanager.cpp:229:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(fn, QStringLiteral("rb")))
data/ktorrent-5.2.0/libktcore/torrent/magnetmanager.cpp:385:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/libktcore/torrent/magnetmanager.cpp:432:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file, QStringLiteral("wb")))
data/ktorrent-5.2.0/libktcore/util/mmapfile.cpp:55:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool MMapFile::open(const QString& file, QIODevice::OpenModeFlag mode)
data/ktorrent-5.2.0/libktcore/util/mmapfile.cpp:81:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fptr->open(mode)))
data/ktorrent-5.2.0/libktcore/util/mmapfile.cpp:177:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[ptr], buf, buf_size);
data/ktorrent-5.2.0/libktcore/util/mmapfile.cpp:216:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, data + ptr, to_read);
data/ktorrent-5.2.0/libktcore/util/mmapfile.h:53:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open(const QString& file, QIODevice::OpenModeFlag mode);
data/ktorrent-5.2.0/libktcore/util/stringcompletionmodel.cpp:46:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/libktcore/util/stringcompletionmodel.cpp:66:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/plasma/applet/applet.cpp:61:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (f.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/bwscheduler/schedule.cpp:134:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/bwscheduler/schedule.cpp:269:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file, QStringLiteral("wb")))
data/ktorrent-5.2.0/plugins/downloadorder/downloadordermanager.cpp:51:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/plugins/downloadorder/downloadordermanager.cpp:68:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:65:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char GeoIP_country_code[247][3] = { "--", "AP", "EU", "AD", "AE", "AF", "AG", "AI", "AL", "AM", "AN", "AO", "AQ", "AR", "AS", "AT", "AU", "AW", "AZ", "BA", "BB", "BD", "BE", "BF", "BG", "BH", "BI", "BJ", "BM", "BN", "BO", "BR", "BS", "BT", "BV", "BW", "BY", "BZ", "CA", "CC", "CD", "CF", "CG", "CH", "CI", "CK", "CL", "CM", "CN", "CO", "CR", "CU", "CV", "CX", "CY", "CZ", "DE", "DJ", "DK", "DM", "DO", "DZ", "EC", "EE", "EG", "EH", "ER", "ES", "ET", "FI", "FJ", "FK", "FM", "FO", "FR", "FX", "GA", "GB", "GD", "GE", "GF", "GH", "GI", "GL", "GM", "GN", "GP", "GQ", "GR", "GS", "GT", "GU", "GW", "GY", "HK", "HM", "HN", "HR", "HT", "HU", "ID", "IE", "IL", "IN", "IO", "IQ", "IR", "IS", "IT", "JM", "JO", "JP", "KE", "KG", "KH", "KI", "KM", "KN", "KP", "KR", "KW", "KY", "KZ", "LA", "LB", "LC", "LI", "LK", "LR", "LS", "LT", "LU", "LV", "LY", "MA", "MC", "MD", "MG", "MH", "MK", "ML", "MM", "MN", "MO", "MP", "MQ", "MR", "MS", "MT", "MU", "MV", "MW", "MX", "MY", "MZ", "NA", "NC", "NE", "NF", "NG", "NI", "NL", "NO", "NP", "NR", "NU", "NZ", "OM", "PA", "PE", "PF", "PG", "PH", "PK", "PL", "PM", "PN", "PR", "PS", "PT", "PW", "PY", "QA", "RE", "RO", "RU", "RW", "SA", "SB", "SC", "SD", "SE", "SG", "SH", "SI", "SJ", "SK", "SL", "SM", "SN", "SO", "SR", "ST", "SV", "SY", "SZ", "TC", "TD", "TF", "TG", "TH", "TJ", "TK", "TM", "TN", "TO", "TP", "TR", "TT", "TV", "TW", "TZ", "UA", "UG", "UM", "US", "UY", "UZ", "VA", "VC", "VE", "VG", "VI", "VN", "VU", "WF", "WS", "YE", "YT", "CS", "ZA", "ZM", "ZR", "ZW", "A1", "A2", "O1"};
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:67:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char GeoIP_country_code3[247][4] = { "--", "AP", "EU", "AND", "ARE", "AFG", "ATG", "AIA", "ALB", "ARM", "ANT", "AGO", "AQ", "ARG", "ASM", "AUT", "AUS", "ABW", "AZE", "BIH", "BRB", "BGD", "BEL", "BFA", "BGR", "BHR", "BDI", "BEN", "BMU", "BRN", "BOL", "BRA", "BHS", "BTN", "BV", "BWA", "BLR", "BLZ", "CAN", "CC", "COD", "CAF", "COG", "CHE", "CIV", "COK", "CHL", "CMR", "CHN", "COL", "CRI", "CUB", "CPV", "CX", "CYP", "CZE", "DEU", "DJI", "DNK", "DMA", "DOM", "DZA", "ECU", "EST", "EGY", "ESH", "ERI", "ESP", "ETH", "FIN", "FJI", "FLK", "FSM", "FRO", "FRA", "FX", "GAB", "GBR", "GRD", "GEO", "GUF", "GHA", "GIB", "GRL", "GMB", "GIN", "GLP", "GNQ", "GRC", "GS", "GTM", "GUM", "GNB", "GUY", "HKG", "HM", "HND", "HRV", "HTI", "HUN", "IDN", "IRL", "ISR", "IND", "IO", "IRQ", "IRN", "ISL", "ITA", "JAM", "JOR", "JPN", "KEN", "KGZ", "KHM", "KIR", "COM", "KNA", "PRK", "KOR", "KWT", "CYM", "KAZ", "LAO", "LBN", "LCA", "LIE", "LKA", "LBR", "LSO", "LTU", "LUX", "LVA", "LBY", "MAR", "MCO", "MDA", "MDG", "MHL", "MKD", "MLI", "MMR", "MNG", "MAC", "MNP", "MTQ", "MRT", "MSR", "MLT", "MUS", "MDV", "MWI", "MEX", "MYS", "MOZ", "NAM", "NCL", "NER", "NFK", "NGA", "NIC", "NLD", "NOR", "NPL", "NRU", "NIU", "NZL", "OMN", "PAN", "PER", "PYF", "PNG", "PHL", "PAK", "POL", "SPM", "PCN", "PRI", "PSE", "PRT", "PLW", "PRY", "QAT", "REU", "ROU", "RUS", "RWA", "SAU", "SLB", "SYC", "SDN", "SWE", "SGP", "SHN", "SVN", "SJM", "SVK", "SLE", "SMR", "SEN", "SOM", "SUR", "STP", "SLV", "SYR", "SWZ", "TCA", "TCD", "TF", "TGO", "THA", "TJK", "TKL", "TLS", "TKM", "TUN", "TON", "TUR", "TTO", "TUV", "TWN", "TZA", "UKR", "UGA", "UM", "USA", "URY", "UZB", "VAT", "VCT", "VEN", "VGB", "VIR", "VNM", "VUT", "WLF", "WSM", "YEM", "YT", "SCG", "ZAF", "ZMB", "ZR", "ZWE", "A1", "A2", "O1"};
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:74:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char GeoIP_country_continent[247][3] = {"--", "AS", "EU", "EU", "AS", "AS", "SA", "SA", "EU", "AS", "SA", "AF", "AN", "SA", "OC", "EU", "OC", "SA", "AS", "EU", "SA", "AS", "EU", "AF", "EU", "AS", "AF", "AF", "SA", "AS", "SA", "SA", "SA", "AS", "AF", "AF", "EU", "SA", "NA", "AS", "AF", "AF", "AF", "EU", "AF", "OC", "SA", "AF", "AS", "SA", "SA", "SA", "AF", "AS", "AS", "EU", "EU", "AF", "EU", "SA", "SA", "AF", "SA", "EU", "AF", "AF", "AF", "EU", "AF", "EU", "OC", "SA", "OC", "EU", "EU", "EU", "AF", "EU", "SA", "AS", "SA", "AF", "EU", "SA", "AF", "AF", "SA", "AF", "EU", "SA", "SA", "OC", "AF", "SA", "AS", "AF", "SA", "EU", "SA", "EU", "AS", "EU", "AS", "AS", "AS", "AS", "AS", "EU", "EU", "SA", "AS", "AS", "AF", "AS", "AS", "OC", "AF", "SA", "AS", "AS", "AS", "SA", "AS", "AS", "AS", "SA", "EU", "AS", "AF", "AF", "EU", "EU", "EU", "AF", "AF", "EU", "EU", "AF", "OC", "EU", "AF", "AS", "AS", "AS", "OC", "SA", "AF", "SA", "EU", "AF", "AS", "AF", "NA", "AS", "AF", "AF", "OC", "AF", "OC", "AF", "SA", "EU", "EU", "AS", "OC", "OC", "OC", "AS", "SA", "SA", "OC", "OC", "AS", "AS", "EU", "SA", "OC", "SA", "AS", "EU", "OC", "SA", "AS", "AF", "EU", "AS", "AF", "AS", "OC", "AF", "AF", "EU", "AS", "AF", "EU", "EU", "EU", "AF", "EU", "AF", "AF", "SA", "AF", "SA", "AS", "AF", "SA", "AF", "AF", "AF", "AS", "AS", "OC", "AS", "AF", "OC", "AS", "AS", "SA", "OC", "AS", "AF", "EU", "AF", "OC", "NA", "SA", "AS", "EU", "SA", "SA", "SA", "SA", "AS", "OC", "OC", "OC", "AS", "AF", "EU", "AF", "AF", "AF", "AF"};
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_PATH], *p, *q = NULL;
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:154:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char delim[3];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:155:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[SEGMENT_RECORD_LENGTH];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:250:41: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gi->GeoIPDatabase = fopen(gi->file_path, "rb");
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:268:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char stack_buffer[2 * MAX_RECORD_LENGTH];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:360:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tok[4];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:374:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
octet = atoi(tok);
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:446:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gi->GeoIPDatabase = fopen(filename, "rb");
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:722:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:797:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(region->country_code, GeoIP_country_code[seek_region], 2);
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:828:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(region->country_code, GeoIP_country_code[(seek_region - WORLD_OFFSET) / FIPS_RANGE], 2);
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:902:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_ORG_RECORD_LENGTH];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.h:56:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country_code[3];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.h:57:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char region[3];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.h:105:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char GeoIP_country_code[247][3];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.h:106:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char GeoIP_country_code3[247][4];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.h:108:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char GeoIP_country_continent[247][3];
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.h:160:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(dest, src, n) bcopy(src, dest, n)
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.h:160:30: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(dest, src, n) bcopy(src, dest, n)
data/ktorrent-5.2.0/plugins/infowidget/fileview.cpp:116:137: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open_action = context_menu->addAction(QIcon::fromTheme(QStringLiteral("document-open")), i18nc("Open file", "Open"), this, SLOT(open()));
data/ktorrent-5.2.0/plugins/infowidget/fileview.cpp:286:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void FileView::open()
data/ktorrent-5.2.0/plugins/infowidget/fileview.h:77:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open();
data/ktorrent-5.2.0/plugins/ipfilter/convertthread.cpp:67:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!source.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/ipfilter/convertthread.cpp:163:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!target.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/plugins/ipfilter/downloadandconvertjob.cpp:99:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly)) {
data/ktorrent-5.2.0/plugins/ipfilter/downloadandconvertjob.cpp:202:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!zip->open(QIODevice::ReadOnly) || !zip->directory())
data/ktorrent-5.2.0/plugins/ipfilter/ipblocklist.cpp:97:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/mediaplayer/mediafilestream.cpp:39:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
s->open(QIODevice::ReadOnly);
data/ktorrent-5.2.0/plugins/mediaplayer/playlist.cpp:306:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/plugins/mediaplayer/playlist.cpp:320:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/scanfolder/torrentloadqueue.cpp:74:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/scanfolder/torrentloadqueue.cpp:178:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::WriteOnly);
data/ktorrent-5.2.0/plugins/scripting/scriptmodel.cpp:115:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!archive->open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/search/searchactivity.cpp:116:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/plugins/search/searchactivity.cpp:145:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/search/searchengine.cpp:156:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/plugins/search/searchenginelist.cpp:109:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/search/searchenginelist.cpp:194:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/plugins/search/searchtoolbar.cpp:155:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/search/searchtoolbar.cpp:182:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/plugins/search/webview.cpp:100:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/shutdown/shutdownruleset.cpp:147:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file, QStringLiteral("wt")))
data/ktorrent-5.2.0/plugins/shutdown/shutdownruleset.cpp:178:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/syndication/feedlist.cpp:86:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/syndication/feedretriever.cpp:83:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fptr.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/plugins/syndication/filterlist.cpp:61:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file, QStringLiteral("wt")))
data/ktorrent-5.2.0/plugins/syndication/filterlist.cpp:77:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/syndication/ktfeed.cpp:90:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(file, QStringLiteral("wt")))
data/ktorrent-5.2.0/plugins/syndication/ktfeed.cpp:143:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fptr.open(QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/webinterface/httpclienthandler.cpp:162:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!c->open(full_path, QIODevice::ReadOnly))
data/ktorrent-5.2.0/plugins/webinterface/torrentposthandler.cpp:73:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!tmp_file.open(QIODevice::WriteOnly))
data/ktorrent-5.2.0/ktorrent/main.cpp:86:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(fd, str, strlen(str)); /* record pid to lockfile */
data/ktorrent-5.2.0/libktcore/dbus/dbustorrentfilestream.cpp:66:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray DBusTorrentFileStream::read(qint64 maxlen)
data/ktorrent-5.2.0/libktcore/dbus/dbustorrentfilestream.cpp:74:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
qint64 ret = stream->read(ba.data(), to_read);
data/ktorrent-5.2.0/libktcore/dbus/dbustorrentfilestream.h:66:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Q_SCRIPTABLE QByteArray read(qint64 maxlen);
data/ktorrent-5.2.0/libktcore/groups/groupmanager.cpp:240:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fptr.read(data.data(), fs);
data/ktorrent-5.2.0/libktcore/util/mmapfile.cpp:208:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Uint32 MMapFile::read(void* buf, Uint32 buf_size)
data/ktorrent-5.2.0/libktcore/util/mmapfile.h:79:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Uint32 read(void* buf, Uint32 size);
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:442:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gi->file_path = malloc(sizeof(char) * (strlen(filename) + 1));
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:924:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
org_buf = malloc(sizeof(char) * (strlen(buf) + 1));
data/ktorrent-5.2.0/plugins/infowidget/GeoIP.c:930:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
org_buf = malloc(sizeof(char) * (strlen(buf_pointer) + 1));
data/ktorrent-5.2.0/plugins/ipfilter/downloadandconvertjob.cpp:103:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const QByteArray data = file.read(32);
data/ktorrent-5.2.0/plugins/ipfilter/ipblocklist.cpp:109:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (file.read((char*)&block, sizeof(IPBlock)) == sizeof(IPBlock))
data/ktorrent-5.2.0/plugins/mediaplayer/mediafilestream.cpp:66:48: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const QByteArray data = s->read(min_amount_needed);
data/ktorrent-5.2.0/plugins/mediaplayer/mediafilestream.cpp:103:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray data = s->read(min_amount_needed);
data/ktorrent-5.2.0/plugins/mediaplayer/mediafilestream.cpp:125:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray data = s->read(4096);
ANALYSIS SUMMARY:
Hits = 120
Lines analyzed = 68578 in approximately 3.74 seconds (18316 lines/second)
Physical Source Lines of Code (SLOC) = 45609
Hits@level = [0] 43 [1] 15 [2] 87 [3] 11 [4] 7 [5] 0
Hits@level+ = [0+] 163 [1+] 120 [2+] 105 [3+] 18 [4+] 7 [5+] 0
Hits/KSLOC@level+ = [0+] 3.57386 [1+] 2.63106 [2+] 2.30218 [3+] 0.394659 [4+] 0.153478 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.