Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tanglet-1.5.6/src/beveled_rect.cpp
Examining data/tanglet-1.5.6/src/beveled_rect.h
Examining data/tanglet-1.5.6/src/board.cpp
Examining data/tanglet-1.5.6/src/board.h
Examining data/tanglet-1.5.6/src/clock.cpp
Examining data/tanglet-1.5.6/src/clock.h
Examining data/tanglet-1.5.6/src/generator.cpp
Examining data/tanglet-1.5.6/src/generator.h
Examining data/tanglet-1.5.6/src/gzip.cpp
Examining data/tanglet-1.5.6/src/gzip.h
Examining data/tanglet-1.5.6/src/language_dialog.cpp
Examining data/tanglet-1.5.6/src/language_dialog.h
Examining data/tanglet-1.5.6/src/language_settings.cpp
Examining data/tanglet-1.5.6/src/language_settings.h
Examining data/tanglet-1.5.6/src/letter.cpp
Examining data/tanglet-1.5.6/src/letter.h
Examining data/tanglet-1.5.6/src/locale_dialog.cpp
Examining data/tanglet-1.5.6/src/locale_dialog.h
Examining data/tanglet-1.5.6/src/main.cpp
Examining data/tanglet-1.5.6/src/new_game_dialog.cpp
Examining data/tanglet-1.5.6/src/new_game_dialog.h
Examining data/tanglet-1.5.6/src/scores_dialog.cpp
Examining data/tanglet-1.5.6/src/scores_dialog.h
Examining data/tanglet-1.5.6/src/solver.cpp
Examining data/tanglet-1.5.6/src/solver.h
Examining data/tanglet-1.5.6/src/trie.cpp
Examining data/tanglet-1.5.6/src/trie.h
Examining data/tanglet-1.5.6/src/view.cpp
Examining data/tanglet-1.5.6/src/view.h
Examining data/tanglet-1.5.6/src/window.cpp
Examining data/tanglet-1.5.6/src/window.h
Examining data/tanglet-1.5.6/src/word_counts.cpp
Examining data/tanglet-1.5.6/src/word_counts.h
Examining data/tanglet-1.5.6/src/word_tree.cpp
Examining data/tanglet-1.5.6/src/word_tree.h
Examining data/tanglet-1.5.6/tools/dice/main.cpp
Examining data/tanglet-1.5.6/tools/wordlist/main.cpp
FINAL RESULTS:
data/tanglet-1.5.6/src/language_dialog.cpp:161:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
setLanguage(QLocale::system().language());
data/tanglet-1.5.6/src/language_settings.cpp:33:53: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int language = settings.value("Language", QLocale::system().language()).toInt();
data/tanglet-1.5.6/src/generator.cpp:45:83: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
State(const QList<QStringList>& dice, Solver* solver, int target, std::mt19937* random)
data/tanglet-1.5.6/src/generator.cpp:46:65: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
: m_dice(dice), m_solver(solver), m_target(target), m_random(random)
data/tanglet-1.5.6/src/generator.cpp:172:15: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::mt19937 random(m_seed);
data/tanglet-1.5.6/src/generator.cpp:175:19: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
m_density = gen(random);
data/tanglet-1.5.6/src/generator.cpp:200:54: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
State current(dice(m_size), &solver, words_target, &random);
data/tanglet-1.5.6/tools/dice/main.cpp:296:111: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::vector<QString> generateDice(const std::unordered_map<QString, qreal>& letters, int count, std::mt19937& random)
data/tanglet-1.5.6/tools/dice/main.cpp:315:61: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::shuffle(single_letters.begin(), single_letters.end(), random);
data/tanglet-1.5.6/tools/dice/main.cpp:326:59: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::shuffle(multi_letters.begin(), multi_letters.end(), random);
data/tanglet-1.5.6/tools/dice/main.cpp:394:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::mt19937 random(seed);
data/tanglet-1.5.6/tools/dice/main.cpp:397:14: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::cout.setstate(std::ios::failbit);
data/tanglet-1.5.6/tools/dice/main.cpp:405:48: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
const auto small = generateDice(letters, 16, random);
data/tanglet-1.5.6/tools/dice/main.cpp:406:48: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
const auto large = generateDice(letters, 25, random);
data/tanglet-1.5.6/src/generator.cpp:260:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QFile::ReadOnly | QIODevice::Text)) {
data/tanglet-1.5.6/src/generator.cpp:295:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QFile::ReadOnly)) {
data/tanglet-1.5.6/src/generator.cpp:340:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QFile::WriteOnly)) {
data/tanglet-1.5.6/src/gzip.cpp:34:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QFile::ReadOnly)) {
data/tanglet-1.5.6/src/gzip.cpp:40:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QFile::WriteOnly)) {
data/tanglet-1.5.6/src/gzip.cpp:59:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QFile::ReadOnly)) {
data/tanglet-1.5.6/src/gzip.cpp:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[buffer_size];
data/tanglet-1.5.6/src/language_dialog.cpp:54:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QFile::ReadOnly | QFile::Text)) {
data/tanglet-1.5.6/src/language_settings.cpp:159:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QFile::ReadOnly | QFile::Text)) {
data/tanglet-1.5.6/src/scores_dialog.cpp:66:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR buffer[UNLEN + 1];
data/tanglet-1.5.6/src/window.cpp:261:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/tanglet-1.5.6/src/window.cpp:511:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open()) {
data/tanglet-1.5.6/src/window.cpp:637:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QFile::ReadOnly)) {
data/tanglet-1.5.6/src/window.cpp:644:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QFile::ReadOnly)) {
data/tanglet-1.5.6/src/window.cpp:852:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QFile::WriteOnly)) {
data/tanglet-1.5.6/src/window.cpp:865:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QFile::WriteOnly)) {
data/tanglet-1.5.6/src/window.cpp:874:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QFile::WriteOnly)) {
data/tanglet-1.5.6/tools/dice/main.cpp:78:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QFile::ReadOnly)) {
data/tanglet-1.5.6/tools/dice/main.cpp:114:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!out.open(QIODevice::WriteOnly | QIODevice::Truncate | QIODevice::Text)) {
data/tanglet-1.5.6/tools/wordlist/main.cpp:180:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!in.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/tanglet-1.5.6/tools/wordlist/main.cpp:218:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer.open(QIODevice::WriteOnly | QIODevice::Text);
data/tanglet-1.5.6/tools/wordlist/main.cpp:250:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!out.open(QIODevice::WriteOnly | QIODevice::Truncate)) {
data/tanglet-1.5.6/src/gzip.cpp:72:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data.append(buffer, read);
data/tanglet-1.5.6/src/gzip.cpp:74:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} while (read > 0);
data/tanglet-1.5.6/tools/dice/main.cpp:90:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data.append(buffer.constData(), read);
data/tanglet-1.5.6/tools/dice/main.cpp:95:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} while (read > 0);
ANALYSIS SUMMARY:
Hits = 40
Lines analyzed = 7177 in approximately 0.20 seconds (35020 lines/second)
Physical Source Lines of Code (SLOC) = 4947
Hits@level = [0] 0 [1] 4 [2] 22 [3] 12 [4] 2 [5] 0
Hits@level+ = [0+] 40 [1+] 40 [2+] 36 [3+] 14 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 8.08571 [1+] 8.08571 [2+] 7.27714 [3+] 2.83 [4+] 0.404285 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.