Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libkf5kexiv2-20.04.3/tests/erasetag.cpp Examining data/libkf5kexiv2-20.04.3/tests/readimagewritexmpsidecar.cpp Examining data/libkf5kexiv2-20.04.3/tests/loadfromba.cpp Examining data/libkf5kexiv2-20.04.3/tests/setxmpface.cpp Examining data/libkf5kexiv2-20.04.3/tests/setiptcpreview.cpp Examining data/libkf5kexiv2-20.04.3/tests/printtagslist.cpp Examining data/libkf5kexiv2-20.04.3/tests/usexmpsidecar.cpp Examining data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp Examining data/libkf5kexiv2-20.04.3/src/rotationmatrix.h Examining data/libkf5kexiv2-20.04.3/src/kexiv2image.cpp Examining data/libkf5kexiv2-20.04.3/src/kexiv2comments.cpp Examining data/libkf5kexiv2-20.04.3/src/libkexiv2_debug.cpp Examining data/libkf5kexiv2-20.04.3/src/rotationmatrix.cpp Examining data/libkf5kexiv2-20.04.3/src/kexiv2data.h Examining data/libkf5kexiv2-20.04.3/src/kexiv2_p.h Examining data/libkf5kexiv2-20.04.3/src/kexiv2exif.cpp Examining data/libkf5kexiv2-20.04.3/src/kexiv2gps.cpp Examining data/libkf5kexiv2-20.04.3/src/kexiv2previews.h Examining data/libkf5kexiv2-20.04.3/src/kexiv2data.cpp Examining data/libkf5kexiv2-20.04.3/src/kexiv2iptc.cpp Examining data/libkf5kexiv2-20.04.3/src/libkexiv2_debug.h Examining data/libkf5kexiv2-20.04.3/src/kexiv2previews.cpp Examining data/libkf5kexiv2-20.04.3/src/kexiv2.h Examining data/libkf5kexiv2-20.04.3/src/kexiv2.cpp Examining data/libkf5kexiv2-20.04.3/src/kexiv2_p.cpp FINAL RESULTS: data/libkf5kexiv2-20.04.3/src/kexiv2.cpp:229:60: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open((Exiv2::byte*)imgData.data(), imgData.size()); data/libkf5kexiv2-20.04.3/src/kexiv2.cpp:287:45: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). image = Exiv2::ImageFactory::open((const char*)(QFile::encodeName(filePath)).constData()); data/libkf5kexiv2-20.04.3/src/kexiv2.cpp:339:51: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). xmpsidecar = Exiv2::ImageFactory::open(QFile::encodeName(xmpSidecarPath).constData()); data/libkf5kexiv2-20.04.3/src/kexiv2_p.cpp:181:38: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). image = Exiv2::ImageFactory::open((const char*)(QFile::encodeName(finfo.filePath()).constData())); data/libkf5kexiv2-20.04.3/src/kexiv2_p.cpp:477:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char text_chars[256] = data/libkf5kexiv2-20.04.3/src/kexiv2comments.cpp:41:60: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open((const char*) data/libkf5kexiv2-20.04.3/src/kexiv2exif.cpp:52:60: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open((const char*) data/libkf5kexiv2-20.04.3/src/kexiv2exif.cpp:113:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data.data(), ExifHeader, sizeof(ExifHeader)); data/libkf5kexiv2-20.04.3/src/kexiv2exif.cpp:114:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data.data() + sizeof(ExifHeader), ba.data(), ba.size()); data/libkf5kexiv2-20.04.3/src/kexiv2exif.cpp:958:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). buffer.open(QIODevice::WriteOnly); data/libkf5kexiv2-20.04.3/src/kexiv2exif.cpp:1013:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). buffer.open(QIODevice::WriteOnly); data/libkf5kexiv2-20.04.3/src/kexiv2gps.cpp:394:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchBuf[100]; data/libkf5kexiv2-20.04.3/src/kexiv2image.cpp:1078:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). buffer.open(QIODevice::WriteOnly); data/libkf5kexiv2-20.04.3/src/kexiv2iptc.cpp:41:60: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open((const char*) data/libkf5kexiv2-20.04.3/src/kexiv2previews.cpp:82:60: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open((const char*)(QFile::encodeName(filePath).constData())); data/libkf5kexiv2-20.04.3/src/kexiv2previews.cpp:100:60: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open((Exiv2::byte*)imgData.data(), imgData.size()); data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp:42:60: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open((const char*) data/libkf5kexiv2-20.04.3/tests/loadfromba.cpp:56:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !file.open(QIODevice::ReadOnly) ) data/libkf5kexiv2-20.04.3/src/kexiv2exif.cpp:1018:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). val.read("0"); data/libkf5kexiv2-20.04.3/src/kexiv2gps.cpp:350:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). value->read("2 0 0 0"); data/libkf5kexiv2-20.04.3/src/kexiv2gps.cpp:406:42: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((*altitude) >= 0) value->read("0"); data/libkf5kexiv2-20.04.3/src/kexiv2gps.cpp:407:39: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). else value->read("1"); data/libkf5kexiv2-20.04.3/src/kexiv2image.cpp:873:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xmpTxtVal->read(xmpdatetime); data/libkf5kexiv2-20.04.3/src/kexiv2image.cpp:1086:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). val.read((Exiv2::byte *)data.data(), data.size()); data/libkf5kexiv2-20.04.3/src/kexiv2iptc.cpp:534:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). val->read(key.toUtf8().constData()); data/libkf5kexiv2-20.04.3/src/kexiv2iptc.cpp:635:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). val->read(key.toUtf8().constData()); data/libkf5kexiv2-20.04.3/src/kexiv2iptc.cpp:729:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). val->read(key.toUtf8().constData()); data/libkf5kexiv2-20.04.3/src/kexiv2iptc.cpp:824:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). val->read(key.toUtf8().constData()); data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp:398:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xmpTxtVal->read(txt); data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp:436:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xmpTxtVal.read(txt); data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp:444:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xmpTxtVal.read(""); data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp:546:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xmpTxtVal->read(txt); data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp:657:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xmpTxtVal->read(val); data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp:663:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xmpTxtVal->read(txt); data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp:763:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xmpTxtSeq->read(txt); data/libkf5kexiv2-20.04.3/src/kexiv2xmp.cpp:863:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xmpTxtBag->read(txt); ANALYSIS SUMMARY: Hits = 36 Lines analyzed = 9694 in approximately 0.30 seconds (32673 lines/second) Physical Source Lines of Code (SLOC) = 6178 Hits@level = [0] 3 [1] 18 [2] 18 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 39 [1+] 36 [2+] 18 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 6.31272 [1+] 5.82713 [2+] 2.91356 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.