Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/stacer-1.1.0/stacer/app.cpp Examining data/stacer-1.1.0/stacer/app.h Examining data/stacer-1.1.0/stacer/signal_mapper.h Examining data/stacer-1.1.0/stacer/sliding_stacked_widget.h Examining data/stacer-1.1.0/stacer/utilities.h Examining data/stacer-1.1.0/stacer/main.cpp Examining data/stacer-1.1.0/stacer/sliding_stacked_widget.cpp Examining data/stacer-1.1.0/stacer/signal_mapper.cpp Examining data/stacer-1.1.0/stacer/Managers/app_manager.cpp Examining data/stacer-1.1.0/stacer/Managers/tool_manager.h Examining data/stacer-1.1.0/stacer/Managers/tool_manager.cpp Examining data/stacer-1.1.0/stacer/Managers/info_manager.h Examining data/stacer-1.1.0/stacer/Managers/setting_manager.h Examining data/stacer-1.1.0/stacer/Managers/setting_manager.cpp Examining data/stacer-1.1.0/stacer/Managers/app_manager.h Examining data/stacer-1.1.0/stacer/Managers/info_manager.cpp Examining data/stacer-1.1.0/stacer/Pages/Dashboard/circlebar.h Examining data/stacer-1.1.0/stacer/Pages/Dashboard/dashboard_page.h Examining data/stacer-1.1.0/stacer/Pages/Dashboard/linebar.h Examining data/stacer-1.1.0/stacer/Pages/Dashboard/linebar.cpp Examining data/stacer-1.1.0/stacer/Pages/Dashboard/dashboard_page.cpp Examining data/stacer-1.1.0/stacer/Pages/Dashboard/circlebar.cpp Examining data/stacer-1.1.0/stacer/Pages/Helpers/helpers_page.cpp Examining data/stacer-1.1.0/stacer/Pages/Helpers/helpers_page.h Examining data/stacer-1.1.0/stacer/Pages/Helpers/host_manage.h Examining data/stacer-1.1.0/stacer/Pages/Helpers/host_manage.cpp Examining data/stacer-1.1.0/stacer/Pages/Processes/processes_page.h Examining data/stacer-1.1.0/stacer/Pages/Processes/processes_page.cpp Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_edit.h Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_edit.cpp Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_repository_item.h Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_repository_item.cpp Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_manager_page.h Examining data/stacer-1.1.0/stacer/Pages/AptSourceManager/apt_source_manager_page.cpp Examining data/stacer-1.1.0/stacer/Pages/Search/search_page.cpp Examining data/stacer-1.1.0/stacer/Pages/Search/search_page.h Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_app.cpp Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_apps_page.cpp Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_apps_page.h Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_app.h Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_app_edit.h Examining data/stacer-1.1.0/stacer/Pages/StartupApps/startup_app_edit.cpp Examining data/stacer-1.1.0/stacer/Pages/Settings/settings_page.cpp Examining data/stacer-1.1.0/stacer/Pages/Settings/settings_page.h Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/gnome_settings_page.cpp Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/window_manager_settings.cpp Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/unity_settings.cpp Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/appearance_settings.cpp Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/gnome_settings_page.h Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/window_manager_settings.h Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/appearance_settings.h Examining data/stacer-1.1.0/stacer/Pages/GnomeSettings/unity_settings.h Examining data/stacer-1.1.0/stacer/Pages/Resources/history_chart.h Examining data/stacer-1.1.0/stacer/Pages/Resources/resources_page.h Examining data/stacer-1.1.0/stacer/Pages/Resources/history_chart.cpp Examining data/stacer-1.1.0/stacer/Pages/Resources/resources_page.cpp Examining data/stacer-1.1.0/stacer/Pages/SystemCleaner/system_cleaner_page.h Examining data/stacer-1.1.0/stacer/Pages/SystemCleaner/system_cleaner_page.cpp Examining data/stacer-1.1.0/stacer/Pages/Uninstaller/uninstaller_page.h Examining data/stacer-1.1.0/stacer/Pages/Uninstaller/uninstaller_page.cpp Examining data/stacer-1.1.0/stacer/Pages/Services/service_item.h Examining data/stacer-1.1.0/stacer/Pages/Services/service_item.cpp Examining data/stacer-1.1.0/stacer/Pages/Services/services_page.cpp Examining data/stacer-1.1.0/stacer/Pages/Services/services_page.h Examining data/stacer-1.1.0/stacer/feedback.h Examining data/stacer-1.1.0/stacer/feedback.cpp Examining data/stacer-1.1.0/stacer-core/stacer-core_global.h Examining data/stacer-1.1.0/stacer-core/Info/memory_info.cpp Examining data/stacer-1.1.0/stacer-core/Info/network_info.cpp Examining data/stacer-1.1.0/stacer-core/Info/cpu_info.h Examining data/stacer-1.1.0/stacer-core/Info/memory_info.h Examining data/stacer-1.1.0/stacer-core/Info/process_info.cpp Examining data/stacer-1.1.0/stacer-core/Info/process.cpp Examining data/stacer-1.1.0/stacer-core/Info/cpu_info.cpp Examining data/stacer-1.1.0/stacer-core/Info/process_info.h Examining data/stacer-1.1.0/stacer-core/Info/disk_info.h Examining data/stacer-1.1.0/stacer-core/Info/process.h Examining data/stacer-1.1.0/stacer-core/Info/disk_info.cpp Examining data/stacer-1.1.0/stacer-core/Info/network_info.h Examining data/stacer-1.1.0/stacer-core/Info/system_info.h Examining data/stacer-1.1.0/stacer-core/Info/system_info.cpp Examining data/stacer-1.1.0/stacer-core/Tools/package_tool.cpp Examining data/stacer-1.1.0/stacer-core/Tools/gnome_schema.h Examining data/stacer-1.1.0/stacer-core/Tools/service_tool.cpp Examining data/stacer-1.1.0/stacer-core/Tools/gnome_settings_tool.cpp Examining data/stacer-1.1.0/stacer-core/Tools/service_tool.h Examining data/stacer-1.1.0/stacer-core/Tools/package_tool.h Examining data/stacer-1.1.0/stacer-core/Tools/gnome_settings_tool.h Examining data/stacer-1.1.0/stacer-core/Tools/apt_source_tool.cpp Examining data/stacer-1.1.0/stacer-core/Tools/apt_source_tool.h Examining data/stacer-1.1.0/stacer-core/Utils/format_util.h Examining data/stacer-1.1.0/stacer-core/Utils/file_util.cpp Examining data/stacer-1.1.0/stacer-core/Utils/file_util.h Examining data/stacer-1.1.0/stacer-core/Utils/format_util.cpp Examining data/stacer-1.1.0/stacer-core/Utils/command_util.h Examining data/stacer-1.1.0/stacer-core/Utils/command_util.cpp FINAL RESULTS: data/stacer-1.1.0/stacer-core/Utils/format_util.cpp:7:39: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. #define formatUnit(v, u, t) QString().sprintf("%.1f %s", \ data/stacer-1.1.0/stacer/Pages/Resources/resources_page.cpp:69:52: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. .arg(QString().sprintf("%1.2f%%", slice->percentage() * 100))); data/stacer-1.1.0/stacer/Pages/Resources/resources_page.cpp:354:46: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. .arg(QString().sprintf("%.1f",percent)) data/stacer-1.1.0/stacer/Pages/Resources/resources_page.cpp:363:46: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. .arg(QString().sprintf("%.1f",percent2)) data/stacer-1.1.0/stacer-core/Utils/file_util.cpp:14:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(file->open(mode)) { data/stacer-1.1.0/stacer-core/Utils/file_util.cpp:35:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(file.open(mode)) data/stacer-1.1.0/stacer/Pages/StartupApps/startup_apps_page.cpp:25:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). autostart_file.open(QIODevice::ReadOnly | QIODevice::Text); data/stacer-1.1.0/stacer/main.cpp:42:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QIODevice::WriteOnly | openMode)) { ANALYSIS SUMMARY: Hits = 8 Lines analyzed = 8586 in approximately 0.28 seconds (30269 lines/second) Physical Source Lines of Code (SLOC) = 6463 Hits@level = [0] 0 [1] 0 [2] 4 [3] 0 [4] 4 [5] 0 Hits@level+ = [0+] 8 [1+] 8 [2+] 8 [3+] 4 [4+] 4 [5+] 0 Hits/KSLOC@level+ = [0+] 1.23782 [1+] 1.23782 [2+] 1.23782 [3+] 0.618908 [4+] 0.618908 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.