Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libqinfinity-0.5.1/libqinfinity/defaulttextplugin.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/textchunk.h
Examining data/libqinfinity-0.5.1/libqinfinity/adopteduser.h
Examining data/libqinfinity-0.5.1/libqinfinity/sessionproxy.h
Examining data/libqinfinity-0.5.1/libqinfinity/textsession.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/xmppconnection.h
Examining data/libqinfinity-0.5.1/libqinfinity/adoptedsession.h
Examining data/libqinfinity-0.5.1/libqinfinity/undogrouping.h
Examining data/libqinfinity-0.5.1/libqinfinity/abstracttextbuffer.h
Examining data/libqinfinity-0.5.1/libqinfinity/abstracttextbuffer.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/init.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/ipaddress.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/qgsignal.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/textbuffer.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/browseriter.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/init.h
Examining data/libqinfinity-0.5.1/libqinfinity/buffer.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/noderequest.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/textsession.h
Examining data/libqinfinity-0.5.1/libqinfinity/adopteduser.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/qtio.h
Examining data/libqinfinity-0.5.1/libqinfinity/certificatecredentials.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/qtiowatch.h
Examining data/libqinfinity-0.5.1/libqinfinity/defaulttextplugin.h
Examining data/libqinfinity-0.5.1/libqinfinity/tcpconnection.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/xmlconnection.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/userrequest.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/certificatecredentials.h
Examining data/libqinfinity-0.5.1/libqinfinity/qtiowatch.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/usersmodel.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/request.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/qgsignal.h
Examining data/libqinfinity-0.5.1/libqinfinity/wrapperstore.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/buffer.h
Examining data/libqinfinity-0.5.1/libqinfinity/browsermodel.h
Examining data/libqinfinity-0.5.1/libqinfinity/user.h
Examining data/libqinfinity-0.5.1/libqinfinity/sessionproxy.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/browser.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/xmlconnection.h
Examining data/libqinfinity-0.5.1/libqinfinity/qtextplugin.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/explorerequest.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/usertable.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/user.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/qgobject.h
Examining data/libqinfinity-0.5.1/libqinfinity/qtio.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/textbuffer.h
Examining data/libqinfinity-0.5.1/libqinfinity/ipaddress.h
Examining data/libqinfinity-0.5.1/libqinfinity/textdefaultbuffer.h
Examining data/libqinfinity-0.5.1/libqinfinity/tcpconnection.h
Examining data/libqinfinity-0.5.1/libqinfinity/wrapperstore.h
Examining data/libqinfinity-0.5.1/libqinfinity/qtextplugin.h
Examining data/libqinfinity-0.5.1/libqinfinity/communicationmanager.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/communicationjoinedgroup.h
Examining data/libqinfinity-0.5.1/libqinfinity/userrequest.h
Examining data/libqinfinity-0.5.1/libqinfinity/browsermodel.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/explorerequest.h
Examining data/libqinfinity-0.5.1/libqinfinity/qgobject.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/communicationjoinedgroup.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/undogrouping.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/session.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/session.h
Examining data/libqinfinity-0.5.1/libqinfinity/textchunk.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/textdefaultbuffer.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/browser.h
Examining data/libqinfinity-0.5.1/libqinfinity/browseriter.h
Examining data/libqinfinity-0.5.1/libqinfinity/adoptedsession.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/noderequest.h
Examining data/libqinfinity-0.5.1/libqinfinity/browseritemfactory.h
Examining data/libqinfinity-0.5.1/libqinfinity/noteplugin.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/xmppconnection.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/usersmodel.h
Examining data/libqinfinity-0.5.1/libqinfinity/request.h
Examining data/libqinfinity-0.5.1/libqinfinity/browseritemfactory.cpp
Examining data/libqinfinity-0.5.1/libqinfinity/noteplugin.h
Examining data/libqinfinity-0.5.1/libqinfinity/communicationmanager.h
Examining data/libqinfinity-0.5.1/libqinfinity/usertable.h
FINAL RESULTS:
data/libqinfinity-0.5.1/libqinfinity/noteplugin.cpp:33:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m_name, name.toAscii());
data/libqinfinity-0.5.1/libqinfinity/tcpconnection.cpp:60:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool TcpConnection::open()
data/libqinfinity-0.5.1/libqinfinity/tcpconnection.h:56:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open();
ANALYSIS SUMMARY:
Hits = 3
Lines analyzed = 7861 in approximately 0.32 seconds (24615 lines/second)
Physical Source Lines of Code (SLOC) = 4863
Hits@level = [0] 0 [1] 0 [2] 2 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 3 [1+] 3 [2+] 3 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 0.616903 [1+] 0.616903 [2+] 0.616903 [3+] 0.205634 [4+] 0.205634 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.