stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/qt-gstreamer-1.2.0/codegen/generator.cpp
Examining data/qt-gstreamer-1.2.0/codegen/generator.h
Examining data/qt-gstreamer-1.2.0/codegen/yystype.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/autotest.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/delegates/basedelegate.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/delegates/basedelegate.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/delegates/qtquick2videosinkdelegate.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/delegates/qtquick2videosinkdelegate.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/delegates/qtvideosinkdelegate.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/delegates/qtvideosinkdelegate.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/delegates/qwidgetvideosinkdelegate.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/delegates/qwidgetvideosinkdelegate.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtglvideosink.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtglvideosink.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtglvideosinkbase.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtglvideosinkbase.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtquick2videosink.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtquick2videosink.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtvideosink.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtvideosink.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtvideosinkbase.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtvideosinkbase.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtvideosinkplugin.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqtvideosinkplugin.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqwidgetvideosink.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/gstqwidgetvideosink.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/painters/abstractsurfacepainter.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/painters/genericsurfacepainter.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/painters/genericsurfacepainter.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/painters/openglsurfacepainter.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/painters/openglsurfacepainter.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/painters/videomaterial.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/painters/videomaterial.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/painters/videonode.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/painters/videonode.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/utils/bufferformat.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/utils/bufferformat.h
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/utils/utils.cpp
Examining data/qt-gstreamer-1.2.0/elements/gstqtvideosink/utils/utils.h
Examining data/qt-gstreamer-1.2.0/examples/appsink-src/main.cpp
Examining data/qt-gstreamer-1.2.0/examples/player/main.cpp
Examining data/qt-gstreamer-1.2.0/examples/player/mediaapp.cpp
Examining data/qt-gstreamer-1.2.0/examples/player/mediaapp.h
Examining data/qt-gstreamer-1.2.0/examples/player/player.cpp
Examining data/qt-gstreamer-1.2.0/examples/player/player.h
Examining data/qt-gstreamer-1.2.0/examples/qmlplayer/main.cpp
Examining data/qt-gstreamer-1.2.0/examples/qmlplayer/player.cpp
Examining data/qt-gstreamer-1.2.0/examples/qmlplayer/player.h
Examining data/qt-gstreamer-1.2.0/examples/qmlplayer2/main.cpp
Examining data/qt-gstreamer-1.2.0/examples/qmlplayer2/player.cpp
Examining data/qt-gstreamer-1.2.0/examples/qmlplayer2/player.h
Examining data/qt-gstreamer-1.2.0/examples/recorder/main.cpp
Examining data/qt-gstreamer-1.2.0/examples/voip/main.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/emitimpl.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/error.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/error.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/gen.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/global.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/init.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/init.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/object.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/object.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/paramspec.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/paramspec.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/qglib_signal.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/quark.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/quark.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/signal.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/string_p.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/type.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/type.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/wrap.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/wrap.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/connect.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/connect.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/connectimpl.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/refpointer.h
Examining data/qt-gstreamer-1.2.0/src/QGlib/value.cpp
Examining data/qt-gstreamer-1.2.0/src/QGlib/value.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Quick/global.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Quick/videoitem.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/Quick/videoitem.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Quick/videosurface.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/Quick/videosurface.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Quick/videosurface_p.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Ui/global.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Ui/graphicsvideosurface.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/Ui/graphicsvideosurface.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Ui/graphicsvideosurface_p.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Ui/graphicsvideowidget.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/Ui/graphicsvideowidget.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Ui/videowidget.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/Ui/videowidget.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Utils/applicationsink.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/Utils/applicationsink.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Utils/applicationsource.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/Utils/applicationsource.h
Examining data/qt-gstreamer-1.2.0/src/QGst/Utils/global.h
Examining data/qt-gstreamer-1.2.0/src/QGst/allocator.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/allocator.h
Examining data/qt-gstreamer-1.2.0/src/QGst/bin.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/bin.h
Examining data/qt-gstreamer-1.2.0/src/QGst/buffer.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/buffer.h
Examining data/qt-gstreamer-1.2.0/src/QGst/bufferlist.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/bufferlist.h
Examining data/qt-gstreamer-1.2.0/src/QGst/bus.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/bus.h
Examining data/qt-gstreamer-1.2.0/src/QGst/caps.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/caps.h
Examining data/qt-gstreamer-1.2.0/src/QGst/childproxy.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/childproxy.h
Examining data/qt-gstreamer-1.2.0/src/QGst/clock.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/clock.h
Examining data/qt-gstreamer-1.2.0/src/QGst/clocktime.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/clocktime.h
Examining data/qt-gstreamer-1.2.0/src/QGst/colorbalance.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/colorbalance.h
Examining data/qt-gstreamer-1.2.0/src/QGst/discoverer.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/discoverer.h
Examining data/qt-gstreamer-1.2.0/src/QGst/element.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/element.h
Examining data/qt-gstreamer-1.2.0/src/QGst/elementfactory.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/elementfactory.h
Examining data/qt-gstreamer-1.2.0/src/QGst/enums.h
Examining data/qt-gstreamer-1.2.0/src/QGst/event.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/event.h
Examining data/qt-gstreamer-1.2.0/src/QGst/gen.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/ghostpad.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/ghostpad.h
Examining data/qt-gstreamer-1.2.0/src/QGst/global.h
Examining data/qt-gstreamer-1.2.0/src/QGst/init.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/init.h
Examining data/qt-gstreamer-1.2.0/src/QGst/memory.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/memory.h
Examining data/qt-gstreamer-1.2.0/src/QGst/message.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/message.h
Examining data/qt-gstreamer-1.2.0/src/QGst/miniobject.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/miniobject.h
Examining data/qt-gstreamer-1.2.0/src/QGst/object.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/object.h
Examining data/qt-gstreamer-1.2.0/src/QGst/objectstore.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/objectstore_p.h
Examining data/qt-gstreamer-1.2.0/src/QGst/pad.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/pad.h
Examining data/qt-gstreamer-1.2.0/src/QGst/parse.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/parse.h
Examining data/qt-gstreamer-1.2.0/src/QGst/pipeline.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/pipeline.h
Examining data/qt-gstreamer-1.2.0/src/QGst/pluginfeature.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/pluginfeature.h
Examining data/qt-gstreamer-1.2.0/src/QGst/query.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/query.h
Examining data/qt-gstreamer-1.2.0/src/QGst/sample.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/sample.h
Examining data/qt-gstreamer-1.2.0/src/QGst/segment.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/segment.h
Examining data/qt-gstreamer-1.2.0/src/QGst/streamvolume.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/streamvolume.h
Examining data/qt-gstreamer-1.2.0/src/QGst/structs.h
Examining data/qt-gstreamer-1.2.0/src/QGst/structure.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/structure.h
Examining data/qt-gstreamer-1.2.0/src/QGst/taglist.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/taglist.h
Examining data/qt-gstreamer-1.2.0/src/QGst/urihandler.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/urihandler.h
Examining data/qt-gstreamer-1.2.0/src/QGst/value.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/videoorientation.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/videoorientation.h
Examining data/qt-gstreamer-1.2.0/src/QGst/videooverlay.cpp
Examining data/qt-gstreamer-1.2.0/src/QGst/videooverlay.h
Examining data/qt-gstreamer-1.2.0/src/qml/quick1/plugin.cpp
Examining data/qt-gstreamer-1.2.0/src/qml/quick1/videoitem.cpp
Examining data/qt-gstreamer-1.2.0/src/qml/quick1/videoitem.h
Examining data/qt-gstreamer-1.2.0/src/qml/quick2/plugin.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/allocatortest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/buffertest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/bustest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/capstest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/childproxytest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/clocktest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/discoverertest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/eventtest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/memorytest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/messagetest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/padtest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/parsetest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/propertiestest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/qgsttest.h
Examining data/qt-gstreamer-1.2.0/tests/auto/querytest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/refpointertest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/signalstest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/structstest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/structuretest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/taglisttest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/urihandlertest.cpp
Examining data/qt-gstreamer-1.2.0/tests/auto/valuetest.cpp
Examining data/qt-gstreamer-1.2.0/tests/manual/qwidgetvideosinktest.cpp
Examining data/qt-gstreamer-1.2.0/tests/manual/videoorientationtest.cpp
Examining data/qt-gstreamer-1.2.0/tests/manual/videowidgetpipelinetest.cpp
Examining data/qt-gstreamer-1.2.0/tests/manual/videowidgettest.cpp

FINAL RESULTS:

data/qt-gstreamer-1.2.0/tests/auto/allocatortest.cpp:68:24:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    QGst::AllocatorPtr system(QGst::Allocator::getSystemMemory());
data/qt-gstreamer-1.2.0/tests/auto/allocatortest.cpp:69:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    QVERIFY(system);
data/qt-gstreamer-1.2.0/tests/auto/allocatortest.cpp:70:52:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    QCOMPARE(g_system, static_cast<GstAllocator *>(system));
data/qt-gstreamer-1.2.0/codegen/generator.cpp:85:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = std::fopen(QFile::encodeName(fileName), "r");
data/qt-gstreamer-1.2.0/examples/player/mediaapp.cpp:71:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
void MediaApp::open()
data/qt-gstreamer-1.2.0/examples/player/mediaapp.cpp:219:42:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                              this, SLOT(open()), btnLayout);
data/qt-gstreamer-1.2.0/examples/player/mediaapp.h:43:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    void open();
data/qt-gstreamer-1.2.0/examples/qmlplayer/player.cpp:51:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
void Player::open()
data/qt-gstreamer-1.2.0/examples/qmlplayer/player.h:37:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    void open();
data/qt-gstreamer-1.2.0/src/QGst/structs.h:37:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        inline Fourcc(const char str[4])

ANALYSIS SUMMARY:

Hits = 10
Lines analyzed = 30835 in approximately 0.77 seconds (40219 lines/second)
Physical Source Lines of Code (SLOC) = 20239
Hits@level = [0]   0 [1]   0 [2]   7 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  10 [1+]  10 [2+]  10 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 0.494096 [1+] 0.494096 [2+] 0.494096 [3+] 0.148229 [4+] 0.148229 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.