Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kuserfeedback-1.0.0/tests/feedbackconfigwidgettest.cpp
Examining data/kuserfeedback-1.0.0/tests/orwell.h
Examining data/kuserfeedback-1.0.0/tests/notificationpopuptest.cpp
Examining data/kuserfeedback-1.0.0/tests/orwell.cpp
Examining data/kuserfeedback-1.0.0/autotests/timeaggregationmodeltest.cpp
Examining data/kuserfeedback-1.0.0/autotests/openglinfosourcetest.cpp
Examining data/kuserfeedback-1.0.0/autotests/providertest.cpp
Examining data/kuserfeedback-1.0.0/autotests/schemamodeltest.cpp
Examining data/kuserfeedback-1.0.0/autotests/categoryaggregationmodeltest.cpp
Examining data/kuserfeedback-1.0.0/autotests/selectionratiosourcetest.cpp
Examining data/kuserfeedback-1.0.0/autotests/feedbackconfigtest.cpp
Examining data/kuserfeedback-1.0.0/autotests/serverinfotest.cpp
Examining data/kuserfeedback-1.0.0/autotests/schematemplatetest.cpp
Examining data/kuserfeedback-1.0.0/autotests/servercontroller.h
Examining data/kuserfeedback-1.0.0/autotests/datamodeltest.cpp
Examining data/kuserfeedback-1.0.0/autotests/surveyapitest.cpp
Examining data/kuserfeedback-1.0.0/autotests/producttest.cpp
Examining data/kuserfeedback-1.0.0/autotests/surveyprovidertest.cpp
Examining data/kuserfeedback-1.0.0/autotests/ratiosetaggregationmodeltest.cpp
Examining data/kuserfeedback-1.0.0/autotests/productmodeltest.cpp
Examining data/kuserfeedback-1.0.0/autotests/surveytargetexpressiontest.cpp
Examining data/kuserfeedback-1.0.0/autotests/numericaggregationmodeltest.cpp
Examining data/kuserfeedback-1.0.0/autotests/datasourcetest.cpp
Examining data/kuserfeedback-1.0.0/autotests/productapitest.cpp
Examining data/kuserfeedback-1.0.0/autotests/servercontroller.cpp
Examining data/kuserfeedback-1.0.0/autotests/sampletest.cpp
Examining data/kuserfeedback-1.0.0/autotests/submittest.cpp
Examining data/kuserfeedback-1.0.0/src/common/surveytargetexpression.h
Examining data/kuserfeedback-1.0.0/src/common/surveytargetexpression.cpp
Examining data/kuserfeedback-1.0.0/src/common/surveytargetexpressionparser.h
Examining data/kuserfeedback-1.0.0/src/common/surveytargetexpressionevaluator.h
Examining data/kuserfeedback-1.0.0/src/common/surveytargetexpressionevaluator.cpp
Examining data/kuserfeedback-1.0.0/src/common/surveytargetexpressionparser.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/startcountsource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/auditloguicontroller.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/localeinfosource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/feedbackconfiguicontroller.h
Examining data/kuserfeedback-1.0.0/src/provider/core/platforminfosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/applicationversionsource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/propertyratiosource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/selectionratiosource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/usagetimesource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/openglinfosource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/abstractdatasource_p.h
Examining data/kuserfeedback-1.0.0/src/provider/core/openglinfosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/startcountsource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/qtversionsource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/provider.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/provider_p.h
Examining data/kuserfeedback-1.0.0/src/provider/core/feedbackconfiguicontroller.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/surveyinfo.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/qtversionsource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/applicationversionsource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/abstractdatasource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/provider.h
Examining data/kuserfeedback-1.0.0/src/provider/core/qpainfosource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/compilerinfosource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/logging_p.h
Examining data/kuserfeedback-1.0.0/src/provider/core/usagetimesource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/openglinfosource_p.h
Examining data/kuserfeedback-1.0.0/src/provider/core/propertyratiosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/platforminfosource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/screeninfosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/compilerinfosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/qpainfosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/cpuinfosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/selectionratiosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/screeninfosource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/abstractdatasource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/localeinfosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/core/auditloguicontroller.h
Examining data/kuserfeedback-1.0.0/src/provider/core/cpuinfosource.h
Examining data/kuserfeedback-1.0.0/src/provider/core/surveyinfo.h
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlproviderextension.cpp
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlpropertyratiosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlpropertysource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmldatasources.cpp
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlplugin.h
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlabstractdatasource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlabstractdatasource.h
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlpropertysource.h
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlpropertyratiosource.h
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlproviderextension.h
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmlplugin.cpp
Examining data/kuserfeedback-1.0.0/src/provider/qml/qmldatasources.h
Examining data/kuserfeedback-1.0.0/src/provider/widgets/notificationpopup.cpp
Examining data/kuserfeedback-1.0.0/src/provider/widgets/feedbackconfigdialog.cpp
Examining data/kuserfeedback-1.0.0/src/provider/widgets/styleinfosource.cpp
Examining data/kuserfeedback-1.0.0/src/provider/widgets/auditlogbrowserdialog.cpp
Examining data/kuserfeedback-1.0.0/src/provider/widgets/styleinfosource.h
Examining data/kuserfeedback-1.0.0/src/provider/widgets/feedbackconfigwidget.cpp
Examining data/kuserfeedback-1.0.0/src/provider/widgets/feedbackconfigdialog.h
Examining data/kuserfeedback-1.0.0/src/provider/widgets/notificationpopup.h
Examining data/kuserfeedback-1.0.0/src/provider/widgets/feedbackconfigwidget.h
Examining data/kuserfeedback-1.0.0/src/provider/widgets/auditlogbrowserdialog.h
Examining data/kuserfeedback-1.0.0/src/console/core/aggregationelement.cpp
Examining data/kuserfeedback-1.0.0/src/console/core/product.h
Examining data/kuserfeedback-1.0.0/src/console/core/sample.h
Examining data/kuserfeedback-1.0.0/src/console/core/survey.cpp
Examining data/kuserfeedback-1.0.0/src/console/core/aggregationelement.h
Examining data/kuserfeedback-1.0.0/src/console/core/schemaentrytemplates.h
Examining data/kuserfeedback-1.0.0/src/console/core/schemaentrytemplates.cpp
Examining data/kuserfeedback-1.0.0/src/console/core/schemaentryelement.h
Examining data/kuserfeedback-1.0.0/src/console/core/schemaentry.h
Examining data/kuserfeedback-1.0.0/src/console/core/product.cpp
Examining data/kuserfeedback-1.0.0/src/console/core/aggregation.cpp
Examining data/kuserfeedback-1.0.0/src/console/core/schemaentryelement.cpp
Examining data/kuserfeedback-1.0.0/src/console/core/schemaentry.cpp
Examining data/kuserfeedback-1.0.0/src/console/core/survey.h
Examining data/kuserfeedback-1.0.0/src/console/core/aggregation.h
Examining data/kuserfeedback-1.0.0/src/console/core/util.h
Examining data/kuserfeedback-1.0.0/src/console/core/sample.cpp
Examining data/kuserfeedback-1.0.0/src/console/rest/serverinfo.h
Examining data/kuserfeedback-1.0.0/src/console/rest/serverinfo.cpp
Examining data/kuserfeedback-1.0.0/src/console/rest/restapi.cpp
Examining data/kuserfeedback-1.0.0/src/console/rest/restclient.cpp
Examining data/kuserfeedback-1.0.0/src/console/rest/restapi.h
Examining data/kuserfeedback-1.0.0/src/console/rest/restclient.h
Examining data/kuserfeedback-1.0.0/src/console/connectdialog.h
Examining data/kuserfeedback-1.0.0/src/console/connectdialog.cpp
Examining data/kuserfeedback-1.0.0/src/console/mainwindow.h
Examining data/kuserfeedback-1.0.0/src/console/main.cpp
Examining data/kuserfeedback-1.0.0/src/console/analytics/aggregator.cpp
Examining data/kuserfeedback-1.0.0/src/console/analytics/analyticsview.cpp
Examining data/kuserfeedback-1.0.0/src/console/analytics/numericaggregator.cpp
Examining data/kuserfeedback-1.0.0/src/console/analytics/chartutil.cpp
Examining data/kuserfeedback-1.0.0/src/console/analytics/totalaggregator.cpp
Examining data/kuserfeedback-1.0.0/src/console/analytics/categoryaggregator.cpp
Examining data/kuserfeedback-1.0.0/src/console/analytics/ratiosetaggregator.cpp
Examining data/kuserfeedback-1.0.0/src/console/analytics/categoryaggregator.h
Examining data/kuserfeedback-1.0.0/src/console/analytics/chartexportdialog.cpp
Examining data/kuserfeedback-1.0.0/src/console/analytics/analyticsview.h
Examining data/kuserfeedback-1.0.0/src/console/analytics/aggregator.h
Examining data/kuserfeedback-1.0.0/src/console/analytics/totalaggregator.h
Examining data/kuserfeedback-1.0.0/src/console/analytics/chartexportdialog.h
Examining data/kuserfeedback-1.0.0/src/console/analytics/ratiosetaggregator.h
Examining data/kuserfeedback-1.0.0/src/console/analytics/chartutil.h
Examining data/kuserfeedback-1.0.0/src/console/analytics/numericaggregator.h
Examining data/kuserfeedback-1.0.0/src/console/model/timeaggregationmodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/aggregationelementmodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/aggregationelementeditmodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/aggregateddatamodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/extrarowsproxymodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/ratiosetaggregationmodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/aggregationeditormodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/singlerowfilterproxymodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/productmodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/aggregateddatamodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/singlerowfilterproxymodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/datamodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/surveymodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/schemamodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/aggregationelementmodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/productmodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/numericaggregationmodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/ratiosetaggregationmodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/rolemappingproxymodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/surveymodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/numericaggregationmodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/categoryaggregationmodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/datamodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/timeaggregationmodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/schemamodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/aggregationelementeditmodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/extrarowsproxymodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/categoryaggregationmodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/model/rolemappingproxymodel.h
Examining data/kuserfeedback-1.0.0/src/console/model/aggregationeditormodel.cpp
Examining data/kuserfeedback-1.0.0/src/console/surveyeditor/surveyeditor.h
Examining data/kuserfeedback-1.0.0/src/console/surveyeditor/surveydialog.h
Examining data/kuserfeedback-1.0.0/src/console/surveyeditor/surveyeditor.cpp
Examining data/kuserfeedback-1.0.0/src/console/surveyeditor/surveydialog.cpp
Examining data/kuserfeedback-1.0.0/src/console/helpcontroller.cpp
Examining data/kuserfeedback-1.0.0/src/console/mainwindow.cpp
Examining data/kuserfeedback-1.0.0/src/console/helpcontroller.h
Examining data/kuserfeedback-1.0.0/src/console/widgets/metaenumcombobox.h
Examining data/kuserfeedback-1.0.0/src/console/widgets/metaenumcombobox.cpp
Examining data/kuserfeedback-1.0.0/src/console/jobs/job.h
Examining data/kuserfeedback-1.0.0/src/console/jobs/productimportjob.cpp
Examining data/kuserfeedback-1.0.0/src/console/jobs/job.cpp
Examining data/kuserfeedback-1.0.0/src/console/jobs/securityscanjob.h
Examining data/kuserfeedback-1.0.0/src/console/jobs/productexportjob.h
Examining data/kuserfeedback-1.0.0/src/console/jobs/handshakejob.cpp
Examining data/kuserfeedback-1.0.0/src/console/jobs/securityscanjob.cpp
Examining data/kuserfeedback-1.0.0/src/console/jobs/productimportjob.h
Examining data/kuserfeedback-1.0.0/src/console/jobs/productexportjob.cpp
Examining data/kuserfeedback-1.0.0/src/console/jobs/handshakejob.h
Examining data/kuserfeedback-1.0.0/src/console/schemaeditor/schemaeditor.h
Examining data/kuserfeedback-1.0.0/src/console/schemaeditor/schemaeditor.cpp
Examining data/kuserfeedback-1.0.0/src/console/schemaeditor/aggregationeditwidget.h
Examining data/kuserfeedback-1.0.0/src/console/schemaeditor/schemaeditwidget.cpp
Examining data/kuserfeedback-1.0.0/src/console/schemaeditor/schemaentryitemeditorfactory.h
Examining data/kuserfeedback-1.0.0/src/console/schemaeditor/schemaentryitemeditorfactory.cpp
Examining data/kuserfeedback-1.0.0/src/console/schemaeditor/schemaeditwidget.h
Examining data/kuserfeedback-1.0.0/src/console/schemaeditor/aggregationeditwidget.cpp
Examining data/kuserfeedback-1.0.0/src/cli/main.cpp

FINAL RESULTS:

data/kuserfeedback-1.0.0/src/console/analytics/analyticsview.cpp:279:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!f.open(QFile::WriteOnly)) {
data/kuserfeedback-1.0.0/src/console/analytics/analyticsview.cpp:296:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!f.open(QFile::ReadOnly)) {
data/kuserfeedback-1.0.0/src/console/core/schemaentrytemplates.cpp:50:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if (!f.open(QFile::ReadOnly))
data/kuserfeedback-1.0.0/src/console/jobs/productexportjob.cpp:79:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!f.open(QFile::WriteOnly)) {
data/kuserfeedback-1.0.0/src/console/jobs/productexportjob.cpp:99:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!f.open(QFile::WriteOnly)) {
data/kuserfeedback-1.0.0/src/console/jobs/productexportjob.cpp:119:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!f.open(QFile::WriteOnly)) {
data/kuserfeedback-1.0.0/src/console/jobs/productimportjob.cpp:54:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!f.open(QFile::ReadOnly)) {
data/kuserfeedback-1.0.0/src/console/jobs/productimportjob.cpp:81:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!f.open(QFile::ReadOnly)) {
data/kuserfeedback-1.0.0/src/console/jobs/productimportjob.cpp:112:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!f.open(QFile::ReadOnly)) {
data/kuserfeedback-1.0.0/src/console/schemaeditor/schemaeditor.cpp:141:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!f.open(QFile::WriteOnly)) {
data/kuserfeedback-1.0.0/src/console/schemaeditor/schemaeditor.cpp:156:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!f.open(QFile::ReadOnly)) {
data/kuserfeedback-1.0.0/src/provider/core/auditloguicontroller.cpp:172:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!file.open(QFile::ReadOnly))
data/kuserfeedback-1.0.0/src/provider/core/provider.cpp:727:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!file.open(QFile::WriteOnly)) {
data/kuserfeedback-1.0.0/src/common/surveytargetexpressionparser.cpp:40:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const auto size = strlen(str) - 2;
data/kuserfeedback-1.0.0/src/provider/core/propertyratiosource.cpp:99:44:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    previousValue = valueToString(property.read(obj));

ANALYSIS SUMMARY:

Hits = 15
Lines analyzed = 21145 in approximately 1.46 seconds (14482 lines/second)
Physical Source Lines of Code (SLOC) = 13055
Hits@level = [0]   0 [1]   2 [2]  13 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  15 [1+]  15 [2+]  13 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 1.14899 [1+] 1.14899 [2+] 0.995787 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.