Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/tanglet-1.5.6/src/beveled_rect.cpp Examining data/tanglet-1.5.6/src/beveled_rect.h Examining data/tanglet-1.5.6/src/board.cpp Examining data/tanglet-1.5.6/src/board.h Examining data/tanglet-1.5.6/src/clock.cpp Examining data/tanglet-1.5.6/src/clock.h Examining data/tanglet-1.5.6/src/generator.cpp Examining data/tanglet-1.5.6/src/generator.h Examining data/tanglet-1.5.6/src/gzip.cpp Examining data/tanglet-1.5.6/src/gzip.h Examining data/tanglet-1.5.6/src/language_dialog.cpp Examining data/tanglet-1.5.6/src/language_dialog.h Examining data/tanglet-1.5.6/src/language_settings.cpp Examining data/tanglet-1.5.6/src/language_settings.h Examining data/tanglet-1.5.6/src/letter.cpp Examining data/tanglet-1.5.6/src/letter.h Examining data/tanglet-1.5.6/src/locale_dialog.cpp Examining data/tanglet-1.5.6/src/locale_dialog.h Examining data/tanglet-1.5.6/src/main.cpp Examining data/tanglet-1.5.6/src/new_game_dialog.cpp Examining data/tanglet-1.5.6/src/new_game_dialog.h Examining data/tanglet-1.5.6/src/scores_dialog.cpp Examining data/tanglet-1.5.6/src/scores_dialog.h Examining data/tanglet-1.5.6/src/solver.cpp Examining data/tanglet-1.5.6/src/solver.h Examining data/tanglet-1.5.6/src/trie.cpp Examining data/tanglet-1.5.6/src/trie.h Examining data/tanglet-1.5.6/src/view.cpp Examining data/tanglet-1.5.6/src/view.h Examining data/tanglet-1.5.6/src/window.cpp Examining data/tanglet-1.5.6/src/window.h Examining data/tanglet-1.5.6/src/word_counts.cpp Examining data/tanglet-1.5.6/src/word_counts.h Examining data/tanglet-1.5.6/src/word_tree.cpp Examining data/tanglet-1.5.6/src/word_tree.h Examining data/tanglet-1.5.6/tools/dice/main.cpp Examining data/tanglet-1.5.6/tools/wordlist/main.cpp FINAL RESULTS: data/tanglet-1.5.6/src/language_dialog.cpp:161:24: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. setLanguage(QLocale::system().language()); data/tanglet-1.5.6/src/language_settings.cpp:33:53: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. int language = settings.value("Language", QLocale::system().language()).toInt(); data/tanglet-1.5.6/src/generator.cpp:45:83: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. State(const QList<QStringList>& dice, Solver* solver, int target, std::mt19937* random) data/tanglet-1.5.6/src/generator.cpp:46:65: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. : m_dice(dice), m_solver(solver), m_target(target), m_random(random) data/tanglet-1.5.6/src/generator.cpp:172:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::mt19937 random(m_seed); data/tanglet-1.5.6/src/generator.cpp:175:19: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. m_density = gen(random); data/tanglet-1.5.6/src/generator.cpp:200:54: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. State current(dice(m_size), &solver, words_target, &random); data/tanglet-1.5.6/tools/dice/main.cpp:296:111: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::vector<QString> generateDice(const std::unordered_map<QString, qreal>& letters, int count, std::mt19937& random) data/tanglet-1.5.6/tools/dice/main.cpp:315:61: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::shuffle(single_letters.begin(), single_letters.end(), random); data/tanglet-1.5.6/tools/dice/main.cpp:326:59: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::shuffle(multi_letters.begin(), multi_letters.end(), random); data/tanglet-1.5.6/tools/dice/main.cpp:394:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::mt19937 random(seed); data/tanglet-1.5.6/tools/dice/main.cpp:397:14: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::cout.setstate(std::ios::failbit); data/tanglet-1.5.6/tools/dice/main.cpp:405:48: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. const auto small = generateDice(letters, 16, random); data/tanglet-1.5.6/tools/dice/main.cpp:406:48: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. const auto large = generateDice(letters, 25, random); data/tanglet-1.5.6/src/generator.cpp:260:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QFile::ReadOnly | QIODevice::Text)) { data/tanglet-1.5.6/src/generator.cpp:295:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QFile::ReadOnly)) { data/tanglet-1.5.6/src/generator.cpp:340:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QFile::WriteOnly)) { data/tanglet-1.5.6/src/gzip.cpp:34:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::ReadOnly)) { data/tanglet-1.5.6/src/gzip.cpp:40:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::WriteOnly)) { data/tanglet-1.5.6/src/gzip.cpp:59:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::ReadOnly)) { data/tanglet-1.5.6/src/gzip.cpp:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[buffer_size]; data/tanglet-1.5.6/src/language_dialog.cpp:54:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QFile::ReadOnly | QFile::Text)) { data/tanglet-1.5.6/src/language_settings.cpp:159:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QFile::ReadOnly | QFile::Text)) { data/tanglet-1.5.6/src/scores_dialog.cpp:66:3: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR buffer[UNLEN + 1]; data/tanglet-1.5.6/src/window.cpp:261:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QIODevice::ReadOnly | QIODevice::Text)) { data/tanglet-1.5.6/src/window.cpp:511:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open()) { data/tanglet-1.5.6/src/window.cpp:637:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QFile::ReadOnly)) { data/tanglet-1.5.6/src/window.cpp:644:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QFile::ReadOnly)) { data/tanglet-1.5.6/src/window.cpp:852:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::WriteOnly)) { data/tanglet-1.5.6/src/window.cpp:865:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::WriteOnly)) { data/tanglet-1.5.6/src/window.cpp:874:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::WriteOnly)) { data/tanglet-1.5.6/tools/dice/main.cpp:78:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QFile::ReadOnly)) { data/tanglet-1.5.6/tools/dice/main.cpp:114:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!out.open(QIODevice::WriteOnly | QIODevice::Truncate | QIODevice::Text)) { data/tanglet-1.5.6/tools/wordlist/main.cpp:180:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!in.open(QIODevice::ReadOnly | QIODevice::Text)) { data/tanglet-1.5.6/tools/wordlist/main.cpp:218:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). buffer.open(QIODevice::WriteOnly | QIODevice::Text); data/tanglet-1.5.6/tools/wordlist/main.cpp:250:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!out.open(QIODevice::WriteOnly | QIODevice::Truncate)) { data/tanglet-1.5.6/src/gzip.cpp:72:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). data.append(buffer, read); data/tanglet-1.5.6/src/gzip.cpp:74:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). } while (read > 0); data/tanglet-1.5.6/tools/dice/main.cpp:90:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). data.append(buffer.constData(), read); data/tanglet-1.5.6/tools/dice/main.cpp:95:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). } while (read > 0); ANALYSIS SUMMARY: Hits = 40 Lines analyzed = 7177 in approximately 0.20 seconds (35020 lines/second) Physical Source Lines of Code (SLOC) = 4947 Hits@level = [0] 0 [1] 4 [2] 22 [3] 12 [4] 2 [5] 0 Hits@level+ = [0+] 40 [1+] 40 [2+] 36 [3+] 14 [4+] 2 [5+] 0 Hits/KSLOC@level+ = [0+] 8.08571 [1+] 8.08571 [2+] 7.27714 [3+] 2.83 [4+] 0.404285 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.