Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/redditclient/main.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/redditclient/redditmodel.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/redditclient/redditmodel.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/redditclient/redditwrapper.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/redditclient/redditwrapper.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/twittertimeline/main.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/twittertimeline/twitter.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/twittertimeline/twitter.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/twittertimeline/twittertimelinemodel.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/examples/oauth/twittertimeline/twittertimelinemodel.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/5.15.2/QtNetworkAuth/private/qabstractoauth2_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/5.15.2/QtNetworkAuth/private/qabstractoauth_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/5.15.2/QtNetworkAuth/private/qabstractoauthreplyhandler_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/5.15.2/QtNetworkAuth/private/qoauth1_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/5.15.2/QtNetworkAuth/private/qoauth1signature_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/5.15.2/QtNetworkAuth/private/qoauth2authorizationcodeflow_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/5.15.2/QtNetworkAuth/private/qoauthhttpserverreplyhandler_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qabstractoauth.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qabstractoauth2.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qabstractoauthreplyhandler.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qoauth1.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qoauth1signature.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qoauth2authorizationcodeflow.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qoauthglobal.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qoauthhttpserverreplyhandler.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qoauthoobreplyhandler.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/include/QtNetworkAuth/qtnetworkauthversion.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qabstractoauth.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qabstractoauth.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qabstractoauth2.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qabstractoauth2.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qabstractoauth2_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qabstractoauth_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qabstractoauthreplyhandler.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qabstractoauthreplyhandler.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qabstractoauthreplyhandler_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauth1.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauth1.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauth1_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauth1signature.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauth1signature.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauth1signature_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauth2authorizationcodeflow.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauth2authorizationcodeflow.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauth2authorizationcodeflow_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthglobal.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthhttpserverreplyhandler.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthhttpserverreplyhandler.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthhttpserverreplyhandler_p.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthoobreplyhandler.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthoobreplyhandler.h
Examining data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/abstractoauth/tst_abstractoauth.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/oauth1/tst_oauth1.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/oauth1signature/tst_oauth1signature.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/oauth2/tst_oauth2.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/oauthhttpserverreplyhandler/tst_oauthhttpserverreplyhandler.cpp
Examining data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/shared/webserver.h
FINAL RESULTS:
data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthhttpserverreplyhandler.cpp:147:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const auto c = socket->read(1).at(0);
data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthhttpserverreplyhandler.cpp:179:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const auto c = socket->read(1).at(0);
data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthhttpserverreplyhandler.cpp:207:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fragment += socket->read(1);
data/qtnetworkauth-everywhere-src-5.15.2/src/oauth/qoauthhttpserverreplyhandler.cpp:230:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fragment += socket->read(1);
data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/shared/webserver.h:157:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const auto c = socket->read(1).at(0);
data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/shared/webserver.h:191:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const auto c = socket->read(1).at(0);
data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/shared/webserver.h:218:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fragment += socket->read(1);
data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/shared/webserver.h:242:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fragment += socket->read(1);
data/qtnetworkauth-everywhere-src-5.15.2/tests/auto/shared/webserver.h:274:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int got = socket->read(&fragment.data()[fragment.size() - bytesLeft], bytesLeft);
ANALYSIS SUMMARY:
Hits = 9
Lines analyzed = 8161 in approximately 0.24 seconds (33404 lines/second)
Physical Source Lines of Code (SLOC) = 4686
Hits@level = [0] 0 [1] 9 [2] 0 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 9 [1+] 9 [2+] 0 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.92061 [1+] 1.92061 [2+] 0 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.