Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/stacer-1.1.0/stacer/app.cpp
Examining data/stacer-1.1.0/stacer/app.h
Examining data/stacer-1.1.0/stacer/signal_mapper.h
Examining data/stacer-1.1.0/stacer/sliding_stacked_widget.h
Examining data/stacer-1.1.0/stacer/utilities.h
Examining data/stacer-1.1.0/stacer/main.cpp
Examining data/stacer-1.1.0/stacer/sliding_stacked_widget.cpp
Examining data/stacer-1.1.0/stacer/signal_mapper.cpp
Examining data/stacer-1.1.0/stacer/Managers/app_manager.cpp
Examining data/stacer-1.1.0/stacer/Managers/tool_manager.h
Examining data/stacer-1.1.0/stacer/Managers/tool_manager.cpp
Examining data/stacer-1.1.0/stacer/Managers/info_manager.h
Examining data/stacer-1.1.0/stacer/Managers/setting_manager.h
Examining data/stacer-1.1.0/stacer/Managers/setting_manager.cpp
Examining data/stacer-1.1.0/stacer/Managers/app_manager.h
Examining data/stacer-1.1.0/stacer/Managers/info_manager.cpp
Examining data/stacer-1.1.0/stacer/Pages/Dashboard/circlebar.h
Examining data/stacer-1.1.0/stacer/Pages/Dashboard/dashboard_page.h
Examining data/stacer-1.1.0/stacer/Pages/Dashboard/linebar.h
Examining data/stacer-1.1.0/stacer/Pages/Dashboard/linebar.cpp
Examining data/stacer-1.1.0/stacer/Pages/Dashboard/dashboard_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/Dashboard/circlebar.cpp
Examining data/stacer-1.1.0/stacer/Pages/Helpers/helpers_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/Helpers/helpers_page.h
Examining data/stacer-1.1.0/stacer/Pages/Helpers/host_manage.h
Examining data/stacer-1.1.0/stacer/Pages/Helpers/host_manage.cpp
Examining data/stacer-1.1.0/stacer/Pages/Processes/processes_page.h
Examining data/stacer-1.1.0/stacer/Pages/Processes/processes_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_edit.h
Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_edit.cpp
Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_repository_item.h
Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_repository_item.cpp
Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_manager_page.h
Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_manager_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/Search/search_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/Search/search_page.h
Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_app.cpp
Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_apps_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_apps_page.h
Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_app.h
Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_app_edit.h
Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_app_edit.cpp
Examining data/stacer-1.1.0/stacer/Pages/Settings/settings_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/Settings/settings_page.h
Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/gnome_settings_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/window_manager_settings.cpp
Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/unity_settings.cpp
Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/appearance_settings.cpp
Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/gnome_settings_page.h
Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/window_manager_settings.h
Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/appearance_settings.h
Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/unity_settings.h
Examining data/stacer-1.1.0/stacer/Pages/Resources/history_chart.h
Examining data/stacer-1.1.0/stacer/Pages/Resources/resources_page.h
Examining data/stacer-1.1.0/stacer/Pages/Resources/history_chart.cpp
Examining data/stacer-1.1.0/stacer/Pages/Resources/resources_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/SystemCleaner/system_cleaner_page.h
Examining data/stacer-1.1.0/stacer/Pages/SystemCleaner/system_cleaner_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/Uninstaller/uninstaller_page.h
Examining data/stacer-1.1.0/stacer/Pages/Uninstaller/uninstaller_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/Services/service_item.h
Examining data/stacer-1.1.0/stacer/Pages/Services/service_item.cpp
Examining data/stacer-1.1.0/stacer/Pages/Services/services_page.cpp
Examining data/stacer-1.1.0/stacer/Pages/Services/services_page.h
Examining data/stacer-1.1.0/stacer/feedback.h
Examining data/stacer-1.1.0/stacer/feedback.cpp
Examining data/stacer-1.1.0/stacer-core/stacer-core_global.h
Examining data/stacer-1.1.0/stacer-core/Info/memory_info.cpp
Examining data/stacer-1.1.0/stacer-core/Info/network_info.cpp
Examining data/stacer-1.1.0/stacer-core/Info/cpu_info.h
Examining data/stacer-1.1.0/stacer-core/Info/memory_info.h
Examining data/stacer-1.1.0/stacer-core/Info/process_info.cpp
Examining data/stacer-1.1.0/stacer-core/Info/process.cpp
Examining data/stacer-1.1.0/stacer-core/Info/cpu_info.cpp
Examining data/stacer-1.1.0/stacer-core/Info/process_info.h
Examining data/stacer-1.1.0/stacer-core/Info/disk_info.h
Examining data/stacer-1.1.0/stacer-core/Info/process.h
Examining data/stacer-1.1.0/stacer-core/Info/disk_info.cpp
Examining data/stacer-1.1.0/stacer-core/Info/network_info.h
Examining data/stacer-1.1.0/stacer-core/Info/system_info.h
Examining data/stacer-1.1.0/stacer-core/Info/system_info.cpp
Examining data/stacer-1.1.0/stacer-core/Tools/package_tool.cpp
Examining data/stacer-1.1.0/stacer-core/Tools/gnome_schema.h
Examining data/stacer-1.1.0/stacer-core/Tools/service_tool.cpp
Examining data/stacer-1.1.0/stacer-core/Tools/gnome_settings_tool.cpp
Examining data/stacer-1.1.0/stacer-core/Tools/service_tool.h
Examining data/stacer-1.1.0/stacer-core/Tools/package_tool.h
Examining data/stacer-1.1.0/stacer-core/Tools/gnome_settings_tool.h
Examining data/stacer-1.1.0/stacer-core/Tools/apt_source_tool.cpp
Examining data/stacer-1.1.0/stacer-core/Tools/apt_source_tool.h
Examining data/stacer-1.1.0/stacer-core/Utils/format_util.h
Examining data/stacer-1.1.0/stacer-core/Utils/file_util.cpp
Examining data/stacer-1.1.0/stacer-core/Utils/file_util.h
Examining data/stacer-1.1.0/stacer-core/Utils/format_util.cpp
Examining data/stacer-1.1.0/stacer-core/Utils/command_util.h
Examining data/stacer-1.1.0/stacer-core/Utils/command_util.cpp
FINAL RESULTS:
data/stacer-1.1.0/stacer-core/Utils/format_util.cpp:7:39: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define formatUnit(v, u, t) QString().sprintf("%.1f %s", \
data/stacer-1.1.0/stacer/Pages/Resources/resources_page.cpp:69:52: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
.arg(QString().sprintf("%1.2f%%", slice->percentage() * 100)));
data/stacer-1.1.0/stacer/Pages/Resources/resources_page.cpp:354:46: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
.arg(QString().sprintf("%.1f",percent))
data/stacer-1.1.0/stacer/Pages/Resources/resources_page.cpp:363:46: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
.arg(QString().sprintf("%.1f",percent2))
data/stacer-1.1.0/stacer-core/Utils/file_util.cpp:14:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(file->open(mode)) {
data/stacer-1.1.0/stacer-core/Utils/file_util.cpp:35:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if(file.open(mode))
data/stacer-1.1.0/stacer/Pages/StartupApps/startup_apps_page.cpp:25:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
autostart_file.open(QIODevice::ReadOnly | QIODevice::Text);
data/stacer-1.1.0/stacer/main.cpp:42:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly | openMode)) {
ANALYSIS SUMMARY:
Hits = 8
Lines analyzed = 8586 in approximately 0.28 seconds (30269 lines/second)
Physical Source Lines of Code (SLOC) = 6463
Hits@level = [0] 0 [1] 0 [2] 4 [3] 0 [4] 4 [5] 0
Hits@level+ = [0+] 8 [1+] 8 [2+] 8 [3+] 4 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 1.23782 [1+] 1.23782 [2+] 1.23782 [3+] 0.618908 [4+] 0.618908 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.