Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libqinfinity-0.5.1/libqinfinity/defaulttextplugin.cpp Examining data/libqinfinity-0.5.1/libqinfinity/textchunk.h Examining data/libqinfinity-0.5.1/libqinfinity/adopteduser.h Examining data/libqinfinity-0.5.1/libqinfinity/sessionproxy.h Examining data/libqinfinity-0.5.1/libqinfinity/textsession.cpp Examining data/libqinfinity-0.5.1/libqinfinity/xmppconnection.h Examining data/libqinfinity-0.5.1/libqinfinity/adoptedsession.h Examining data/libqinfinity-0.5.1/libqinfinity/undogrouping.h Examining data/libqinfinity-0.5.1/libqinfinity/abstracttextbuffer.h Examining data/libqinfinity-0.5.1/libqinfinity/abstracttextbuffer.cpp Examining data/libqinfinity-0.5.1/libqinfinity/init.cpp Examining data/libqinfinity-0.5.1/libqinfinity/ipaddress.cpp Examining data/libqinfinity-0.5.1/libqinfinity/qgsignal.cpp Examining data/libqinfinity-0.5.1/libqinfinity/textbuffer.cpp Examining data/libqinfinity-0.5.1/libqinfinity/browseriter.cpp Examining data/libqinfinity-0.5.1/libqinfinity/init.h Examining data/libqinfinity-0.5.1/libqinfinity/buffer.cpp Examining data/libqinfinity-0.5.1/libqinfinity/noderequest.cpp Examining data/libqinfinity-0.5.1/libqinfinity/textsession.h Examining data/libqinfinity-0.5.1/libqinfinity/adopteduser.cpp Examining data/libqinfinity-0.5.1/libqinfinity/qtio.h Examining data/libqinfinity-0.5.1/libqinfinity/certificatecredentials.cpp Examining data/libqinfinity-0.5.1/libqinfinity/qtiowatch.h Examining data/libqinfinity-0.5.1/libqinfinity/defaulttextplugin.h Examining data/libqinfinity-0.5.1/libqinfinity/tcpconnection.cpp Examining data/libqinfinity-0.5.1/libqinfinity/xmlconnection.cpp Examining data/libqinfinity-0.5.1/libqinfinity/userrequest.cpp Examining data/libqinfinity-0.5.1/libqinfinity/certificatecredentials.h Examining data/libqinfinity-0.5.1/libqinfinity/qtiowatch.cpp Examining data/libqinfinity-0.5.1/libqinfinity/usersmodel.cpp Examining data/libqinfinity-0.5.1/libqinfinity/request.cpp Examining data/libqinfinity-0.5.1/libqinfinity/qgsignal.h Examining data/libqinfinity-0.5.1/libqinfinity/wrapperstore.cpp Examining data/libqinfinity-0.5.1/libqinfinity/buffer.h Examining data/libqinfinity-0.5.1/libqinfinity/browsermodel.h Examining data/libqinfinity-0.5.1/libqinfinity/user.h Examining data/libqinfinity-0.5.1/libqinfinity/sessionproxy.cpp Examining data/libqinfinity-0.5.1/libqinfinity/browser.cpp Examining data/libqinfinity-0.5.1/libqinfinity/xmlconnection.h Examining data/libqinfinity-0.5.1/libqinfinity/qtextplugin.cpp Examining data/libqinfinity-0.5.1/libqinfinity/explorerequest.cpp Examining data/libqinfinity-0.5.1/libqinfinity/usertable.cpp Examining data/libqinfinity-0.5.1/libqinfinity/user.cpp Examining data/libqinfinity-0.5.1/libqinfinity/qgobject.h Examining data/libqinfinity-0.5.1/libqinfinity/qtio.cpp Examining data/libqinfinity-0.5.1/libqinfinity/textbuffer.h Examining data/libqinfinity-0.5.1/libqinfinity/ipaddress.h Examining data/libqinfinity-0.5.1/libqinfinity/textdefaultbuffer.h Examining data/libqinfinity-0.5.1/libqinfinity/tcpconnection.h Examining data/libqinfinity-0.5.1/libqinfinity/wrapperstore.h Examining data/libqinfinity-0.5.1/libqinfinity/qtextplugin.h Examining data/libqinfinity-0.5.1/libqinfinity/communicationmanager.cpp Examining data/libqinfinity-0.5.1/libqinfinity/communicationjoinedgroup.h Examining data/libqinfinity-0.5.1/libqinfinity/userrequest.h Examining data/libqinfinity-0.5.1/libqinfinity/browsermodel.cpp Examining data/libqinfinity-0.5.1/libqinfinity/explorerequest.h Examining data/libqinfinity-0.5.1/libqinfinity/qgobject.cpp Examining data/libqinfinity-0.5.1/libqinfinity/communicationjoinedgroup.cpp Examining data/libqinfinity-0.5.1/libqinfinity/undogrouping.cpp Examining data/libqinfinity-0.5.1/libqinfinity/session.cpp Examining data/libqinfinity-0.5.1/libqinfinity/session.h Examining data/libqinfinity-0.5.1/libqinfinity/textchunk.cpp Examining data/libqinfinity-0.5.1/libqinfinity/textdefaultbuffer.cpp Examining data/libqinfinity-0.5.1/libqinfinity/browser.h Examining data/libqinfinity-0.5.1/libqinfinity/browseriter.h Examining data/libqinfinity-0.5.1/libqinfinity/adoptedsession.cpp Examining data/libqinfinity-0.5.1/libqinfinity/noderequest.h Examining data/libqinfinity-0.5.1/libqinfinity/browseritemfactory.h Examining data/libqinfinity-0.5.1/libqinfinity/noteplugin.cpp Examining data/libqinfinity-0.5.1/libqinfinity/xmppconnection.cpp Examining data/libqinfinity-0.5.1/libqinfinity/usersmodel.h Examining data/libqinfinity-0.5.1/libqinfinity/request.h Examining data/libqinfinity-0.5.1/libqinfinity/browseritemfactory.cpp Examining data/libqinfinity-0.5.1/libqinfinity/noteplugin.h Examining data/libqinfinity-0.5.1/libqinfinity/communicationmanager.h Examining data/libqinfinity-0.5.1/libqinfinity/usertable.h FINAL RESULTS: data/libqinfinity-0.5.1/libqinfinity/noteplugin.cpp:33:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(m_name, name.toAscii()); data/libqinfinity-0.5.1/libqinfinity/tcpconnection.cpp:60:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool TcpConnection::open() data/libqinfinity-0.5.1/libqinfinity/tcpconnection.h:56:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open(); ANALYSIS SUMMARY: Hits = 3 Lines analyzed = 7861 in approximately 0.32 seconds (24615 lines/second) Physical Source Lines of Code (SLOC) = 4863 Hits@level = [0] 0 [1] 0 [2] 2 [3] 0 [4] 1 [5] 0 Hits@level+ = [0+] 3 [1+] 3 [2+] 3 [3+] 1 [4+] 1 [5+] 0 Hits/KSLOC@level+ = [0+] 0.616903 [1+] 0.616903 [2+] 0.616903 [3+] 0.205634 [4+] 0.205634 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.