Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/kunitconversion-5.74.0/autotests/convertertest.cpp Examining data/kunitconversion-5.74.0/autotests/categorytest.h Examining data/kunitconversion-5.74.0/autotests/convertertest.h Examining data/kunitconversion-5.74.0/autotests/valuetest.cpp Examining data/kunitconversion-5.74.0/autotests/valuetest.h Examining data/kunitconversion-5.74.0/autotests/categorytest.cpp Examining data/kunitconversion-5.74.0/src/unit.cpp Examining data/kunitconversion-5.74.0/src/mass.cpp Examining data/kunitconversion-5.74.0/src/voltage_p.h Examining data/kunitconversion-5.74.0/src/force.cpp Examining data/kunitconversion-5.74.0/src/voltage.cpp Examining data/kunitconversion-5.74.0/src/density.cpp Examining data/kunitconversion-5.74.0/src/unit_p.h Examining data/kunitconversion-5.74.0/src/fuel_efficiency.cpp Examining data/kunitconversion-5.74.0/src/electrical_current_p.h Examining data/kunitconversion-5.74.0/src/temperature.cpp Examining data/kunitconversion-5.74.0/src/value.cpp Examining data/kunitconversion-5.74.0/src/value.h Examining data/kunitconversion-5.74.0/src/thermal_flux_p.h Examining data/kunitconversion-5.74.0/src/thermal_conductivity_p.h Examining data/kunitconversion-5.74.0/src/permeability.cpp Examining data/kunitconversion-5.74.0/src/permeability_p.h Examining data/kunitconversion-5.74.0/src/energy.cpp Examining data/kunitconversion-5.74.0/src/length.cpp Examining data/kunitconversion-5.74.0/src/power_p.h Examining data/kunitconversion-5.74.0/src/converter.h Examining data/kunitconversion-5.74.0/src/force_p.h Examining data/kunitconversion-5.74.0/src/volume_p.h Examining data/kunitconversion-5.74.0/src/unitcategory_p.h Examining data/kunitconversion-5.74.0/src/length_p.h Examining data/kunitconversion-5.74.0/src/acceleration_p.h Examining data/kunitconversion-5.74.0/src/unitcategory.cpp Examining data/kunitconversion-5.74.0/src/currency.cpp Examining data/kunitconversion-5.74.0/src/mass_p.h Examining data/kunitconversion-5.74.0/src/unit.h Examining data/kunitconversion-5.74.0/src/electrical_current.cpp Examining data/kunitconversion-5.74.0/src/currency_p.h Examining data/kunitconversion-5.74.0/src/converter.cpp Examining data/kunitconversion-5.74.0/src/angle_p.h Examining data/kunitconversion-5.74.0/src/thermal_flux.cpp Examining data/kunitconversion-5.74.0/src/pressure_p.h Examining data/kunitconversion-5.74.0/src/volume.cpp Examining data/kunitconversion-5.74.0/src/timeunit_p.h Examining data/kunitconversion-5.74.0/src/area.cpp Examining data/kunitconversion-5.74.0/src/frequency.cpp Examining data/kunitconversion-5.74.0/src/frequency_p.h Examining data/kunitconversion-5.74.0/src/binary_data.cpp Examining data/kunitconversion-5.74.0/src/area_p.h Examining data/kunitconversion-5.74.0/src/electrical_resistance_p.h Examining data/kunitconversion-5.74.0/src/density_p.h Examining data/kunitconversion-5.74.0/src/angle.cpp Examining data/kunitconversion-5.74.0/src/power.cpp Examining data/kunitconversion-5.74.0/src/thermal_generation.cpp Examining data/kunitconversion-5.74.0/src/timeunit.cpp Examining data/kunitconversion-5.74.0/src/unitcategory.h Examining data/kunitconversion-5.74.0/src/energy_p.h Examining data/kunitconversion-5.74.0/src/pressure.cpp Examining data/kunitconversion-5.74.0/src/temperature_p.h Examining data/kunitconversion-5.74.0/src/thermal_generation_p.h Examining data/kunitconversion-5.74.0/src/binary_data_p.h Examining data/kunitconversion-5.74.0/src/thermal_conductivity.cpp Examining data/kunitconversion-5.74.0/src/fuel_efficiency_p.h Examining data/kunitconversion-5.74.0/src/electrical_resistance.cpp Examining data/kunitconversion-5.74.0/src/velocity_p.h Examining data/kunitconversion-5.74.0/src/acceleration.cpp Examining data/kunitconversion-5.74.0/src/velocity.cpp FINAL RESULTS: data/kunitconversion-5.74.0/src/currency.cpp:680:35: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (cacheFile.open(QFile::WriteOnly)) { data/kunitconversion-5.74.0/src/currency.cpp:701:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QIODevice::ReadOnly)) { ANALYSIS SUMMARY: Hits = 2 Lines analyzed = 8269 in approximately 0.40 seconds (20771 lines/second) Physical Source Lines of Code (SLOC) = 6136 Hits@level = [0] 0 [1] 0 [2] 2 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 2 [1+] 2 [2+] 2 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 0.325945 [1+] 0.325945 [2+] 0.325945 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.