stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/bluez-qt-5.74.0/autotests/qmltests.cpp
Examining data/bluez-qt-5.74.0/autotests/gattmanagertest.h
Examining data/bluez-qt-5.74.0/autotests/managertest.cpp
Examining data/bluez-qt-5.74.0/autotests/jobstest.h
Examining data/bluez-qt-5.74.0/autotests/inputtest.h
Examining data/bluez-qt-5.74.0/autotests/leadvertisingmanagertest.cpp
Examining data/bluez-qt-5.74.0/autotests/mediatransporttest.cpp
Examining data/bluez-qt-5.74.0/autotests/autotests.h
Examining data/bluez-qt-5.74.0/autotests/adaptertest.h
Examining data/bluez-qt-5.74.0/autotests/devicetest.h
Examining data/bluez-qt-5.74.0/autotests/batterytest.cpp
Examining data/bluez-qt-5.74.0/autotests/inputtest.cpp
Examining data/bluez-qt-5.74.0/autotests/jobstest.cpp
Examining data/bluez-qt-5.74.0/autotests/mediaplayertest.h
Examining data/bluez-qt-5.74.0/autotests/devicetest.cpp
Examining data/bluez-qt-5.74.0/autotests/batterytest.h
Examining data/bluez-qt-5.74.0/autotests/mediatransporttest.h
Examining data/bluez-qt-5.74.0/autotests/autotests.cpp
Examining data/bluez-qt-5.74.0/autotests/adaptertest.cpp
Examining data/bluez-qt-5.74.0/autotests/agentmanagertest.h
Examining data/bluez-qt-5.74.0/autotests/agentmanagertest.cpp
Examining data/bluez-qt-5.74.0/autotests/obexmanagertest.cpp
Examining data/bluez-qt-5.74.0/autotests/obexmanagertest.h
Examining data/bluez-qt-5.74.0/autotests/mediatest.cpp
Examining data/bluez-qt-5.74.0/autotests/mediatest.h
Examining data/bluez-qt-5.74.0/autotests/mediaplayertest.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/mediainterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/adapterinterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/obexagentmanager.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/mediaplayerinterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/batteryinterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/mediatransportinterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/inputinterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/fakebluez.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/batteryinterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/mediaplayerinterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/deviceinterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/agentmanager.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/inputinterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/gattmanagerinterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/testinterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/mediainterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/object.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/profilemanager.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/leadvertisingmanagerinterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/mediatransportinterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/obexclient.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/objectmanager.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/leadvertisingmanagerinterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/gattmanagerinterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/obexclient.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/main.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/agentmanager.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/profilemanager.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/object.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/devicemanager.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/obexagentmanager.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/objectmanager.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/devicemanager.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/adapterinterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/testinterface.h
Examining data/bluez-qt-5.74.0/autotests/fakebluez/deviceinterface.cpp
Examining data/bluez-qt-5.74.0/autotests/fakebluez/fakebluez.cpp
Examining data/bluez-qt-5.74.0/autotests/managertest.h
Examining data/bluez-qt-5.74.0/autotests/leadvertisingmanagertest.h
Examining data/bluez-qt-5.74.0/autotests/gattmanagertest.cpp
Examining data/bluez-qt-5.74.0/tests/adaptersreceiver.cpp
Examining data/bluez-qt-5.74.0/tests/chatprofile.h
Examining data/bluez-qt-5.74.0/tests/mediaendpointconnector.cpp
Examining data/bluez-qt-5.74.0/tests/leserver.cpp
Examining data/bluez-qt-5.74.0/tests/adaptersreceiver.h
Examining data/bluez-qt-5.74.0/tests/mediaendpointconnector.h
Examining data/bluez-qt-5.74.0/tests/devicereceiver.h
Examining data/bluez-qt-5.74.0/tests/leserver.h
Examining data/bluez-qt-5.74.0/tests/devicereceiver.cpp
Examining data/bluez-qt-5.74.0/tests/chatprofile.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Interface.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Parameter.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Properties.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Interface.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Property.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/XmlGenerator.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/BluezApiParser.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Methods.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/TypeAnnotation.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Comment.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Parameter.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/CppGenerator.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/main.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Methods.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Method.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/XmlGenerator.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Properties.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Comment.cpp
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/BluezApiParser.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Property.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/CppGenerator.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/TypeAnnotation.h
Examining data/bluez-qt-5.74.0/tools/bluezapi2qt/Method.cpp
Examining data/bluez-qt-5.74.0/src/mediaplayer.cpp
Examining data/bluez-qt-5.74.0/src/pendingcall.h
Examining data/bluez-qt-5.74.0/src/obexmanager.cpp
Examining data/bluez-qt-5.74.0/src/leadvertisement_p.h
Examining data/bluez-qt-5.74.0/src/gattcharacteristic.cpp
Examining data/bluez-qt-5.74.0/src/tpendingcall.h
Examining data/bluez-qt-5.74.0/src/services.h
Examining data/bluez-qt-5.74.0/src/obextransfer.cpp
Examining data/bluez-qt-5.74.0/src/gattserviceadaptor.cpp
Examining data/bluez-qt-5.74.0/src/obexfiletransfer.h
Examining data/bluez-qt-5.74.0/src/obexagent.cpp
Examining data/bluez-qt-5.74.0/src/a2dp-codecs.h
Examining data/bluez-qt-5.74.0/src/obextransfer_p.h
Examining data/bluez-qt-5.74.0/src/initmanagerjob.cpp
Examining data/bluez-qt-5.74.0/src/obexsession.h
Examining data/bluez-qt-5.74.0/src/adapter_p.h
Examining data/bluez-qt-5.74.0/src/media.h
Examining data/bluez-qt-5.74.0/src/mediatypes.h
Examining data/bluez-qt-5.74.0/src/obexsession.cpp
Examining data/bluez-qt-5.74.0/src/mediaendpoint_p.h
Examining data/bluez-qt-5.74.0/src/rfkill.cpp
Examining data/bluez-qt-5.74.0/src/obexmanager.h
Examining data/bluez-qt-5.74.0/src/gattmanager.cpp
Examining data/bluez-qt-5.74.0/src/agentadaptor.cpp
Examining data/bluez-qt-5.74.0/src/gattserviceadaptor.h
Examining data/bluez-qt-5.74.0/src/input.cpp
Examining data/bluez-qt-5.74.0/src/battery.h
Examining data/bluez-qt-5.74.0/src/request.h
Examining data/bluez-qt-5.74.0/src/obextransfer.h
Examining data/bluez-qt-5.74.0/src/gattservice_p.cpp
Examining data/bluez-qt-5.74.0/src/objectmanageradaptor.h
Examining data/bluez-qt-5.74.0/src/obexagentadaptor.h
Examining data/bluez-qt-5.74.0/src/agentadaptor.h
Examining data/bluez-qt-5.74.0/src/mediaendpoint.h
Examining data/bluez-qt-5.74.0/src/mediatransport_p.cpp
Examining data/bluez-qt-5.74.0/src/obexmanager_p.cpp
Examining data/bluez-qt-5.74.0/src/initmanagerjob.h
Examining data/bluez-qt-5.74.0/src/mediaplayer.h
Examining data/bluez-qt-5.74.0/src/objectmanageradaptor.cpp
Examining data/bluez-qt-5.74.0/src/gattapplication_p.cpp
Examining data/bluez-qt-5.74.0/src/utils.h
Examining data/bluez-qt-5.74.0/src/gattcharacteristicadaptor.h
Examining data/bluez-qt-5.74.0/src/gattservice.h
Examining data/bluez-qt-5.74.0/src/job.cpp
Examining data/bluez-qt-5.74.0/src/mediaendpointadaptor.cpp
Examining data/bluez-qt-5.74.0/src/imports/declarativeadapter.cpp
Examining data/bluez-qt-5.74.0/src/imports/declarativeinput.h
Examining data/bluez-qt-5.74.0/src/imports/declarativedevicesmodel.h
Examining data/bluez-qt-5.74.0/src/imports/declarativebattery.h
Examining data/bluez-qt-5.74.0/src/imports/declarativeadapter.h
Examining data/bluez-qt-5.74.0/src/imports/declarativedevice.h
Examining data/bluez-qt-5.74.0/src/imports/declarativemediaplayer.cpp
Examining data/bluez-qt-5.74.0/src/imports/declarativedevicesmodel.cpp
Examining data/bluez-qt-5.74.0/src/imports/declarativemanager.h
Examining data/bluez-qt-5.74.0/src/imports/bluezqtextensionplugin.cpp
Examining data/bluez-qt-5.74.0/src/imports/declarativemediaplayer.h
Examining data/bluez-qt-5.74.0/src/imports/declarativemanager.cpp
Examining data/bluez-qt-5.74.0/src/imports/declarativedevice.cpp
Examining data/bluez-qt-5.74.0/src/imports/bluezqtextensionplugin.h
Examining data/bluez-qt-5.74.0/src/imports/declarativebattery.cpp
Examining data/bluez-qt-5.74.0/src/imports/declarativeinput.cpp
Examining data/bluez-qt-5.74.0/src/gattapplication.h
Examining data/bluez-qt-5.74.0/src/battery_p.h
Examining data/bluez-qt-5.74.0/src/mediaplayertrack.cpp
Examining data/bluez-qt-5.74.0/src/mediaplayer_p.h
Examining data/bluez-qt-5.74.0/src/media_p.h
Examining data/bluez-qt-5.74.0/src/leadvertisementadaptor.h
Examining data/bluez-qt-5.74.0/src/types.h
Examining data/bluez-qt-5.74.0/src/leadvertisingmanager_p.h
Examining data/bluez-qt-5.74.0/src/input_p.h
Examining data/bluez-qt-5.74.0/src/gattapplication_p.h
Examining data/bluez-qt-5.74.0/src/gattmanager.h
Examining data/bluez-qt-5.74.0/src/gattcharacteristicadaptor.cpp
Examining data/bluez-qt-5.74.0/src/device_p.cpp
Examining data/bluez-qt-5.74.0/src/gattcharacteristic_p.h
Examining data/bluez-qt-5.74.0/src/initobexmanagerjob.h
Examining data/bluez-qt-5.74.0/src/gattcharacteristic_p.cpp
Examining data/bluez-qt-5.74.0/src/mediaendpoint.cpp
Examining data/bluez-qt-5.74.0/src/gattservice_p.h
Examining data/bluez-qt-5.74.0/src/obexmanager_p.h
Examining data/bluez-qt-5.74.0/src/gattapplication.cpp
Examining data/bluez-qt-5.74.0/src/device_p.h
Examining data/bluez-qt-5.74.0/src/agent.cpp
Examining data/bluez-qt-5.74.0/src/adapter.cpp
Examining data/bluez-qt-5.74.0/src/mediatransport.cpp
Examining data/bluez-qt-5.74.0/src/bluezqt_dbustypes.h
Examining data/bluez-qt-5.74.0/src/profileadaptor.cpp
Examining data/bluez-qt-5.74.0/src/mediaendpointadaptor.h
Examining data/bluez-qt-5.74.0/src/device.h
Examining data/bluez-qt-5.74.0/src/profile_p.h
Examining data/bluez-qt-5.74.0/src/pendingcall.cpp
Examining data/bluez-qt-5.74.0/src/utils.cpp
Examining data/bluez-qt-5.74.0/src/adapter_p.cpp
Examining data/bluez-qt-5.74.0/src/gattcharacteristic.h
Examining data/bluez-qt-5.74.0/src/devicesmodel.cpp
Examining data/bluez-qt-5.74.0/src/obexfiletransferentry.h
Examining data/bluez-qt-5.74.0/src/device.cpp
Examining data/bluez-qt-5.74.0/src/obexobjectpush.h
Examining data/bluez-qt-5.74.0/src/leadvertisingmanager.h
Examining data/bluez-qt-5.74.0/src/job_p.h
Examining data/bluez-qt-5.74.0/src/rfkill.h
Examining data/bluez-qt-5.74.0/src/input.h
Examining data/bluez-qt-5.74.0/src/initobexmanagerjob.cpp
Examining data/bluez-qt-5.74.0/src/leadvertisement.cpp
Examining data/bluez-qt-5.74.0/src/media.cpp
Examining data/bluez-qt-5.74.0/src/mediaplayer_p.cpp
Examining data/bluez-qt-5.74.0/src/leadvertisementadaptor.cpp
Examining data/bluez-qt-5.74.0/src/gattmanager_p.cpp
Examining data/bluez-qt-5.74.0/src/leadvertisingmanager.cpp
Examining data/bluez-qt-5.74.0/src/battery.cpp
Examining data/bluez-qt-5.74.0/src/obexfiletransfer.cpp
Examining data/bluez-qt-5.74.0/src/manager_p.h
Examining data/bluez-qt-5.74.0/src/obexagentadaptor.cpp
Examining data/bluez-qt-5.74.0/src/adapter.h
Examining data/bluez-qt-5.74.0/src/leadvertisement.h
Examining data/bluez-qt-5.74.0/src/agent.h
Examining data/bluez-qt-5.74.0/src/manager.cpp
Examining data/bluez-qt-5.74.0/src/obexsession_p.h
Examining data/bluez-qt-5.74.0/src/profile.h
Examining data/bluez-qt-5.74.0/src/obexagent.h
Examining data/bluez-qt-5.74.0/src/macros.h
Examining data/bluez-qt-5.74.0/src/manager.h
Examining data/bluez-qt-5.74.0/src/mediaendpoint_p.cpp
Examining data/bluez-qt-5.74.0/src/mediaplayertrack.h
Examining data/bluez-qt-5.74.0/src/a2dp-codecs.c
Examining data/bluez-qt-5.74.0/src/manager_p.cpp
Examining data/bluez-qt-5.74.0/src/profile.cpp
Examining data/bluez-qt-5.74.0/src/obexobjectpush.cpp
Examining data/bluez-qt-5.74.0/src/leadvertisement_p.cpp
Examining data/bluez-qt-5.74.0/src/obexfiletransferentry.cpp
Examining data/bluez-qt-5.74.0/src/mediatransport.h
Examining data/bluez-qt-5.74.0/src/gattservice.cpp
Examining data/bluez-qt-5.74.0/src/gattmanager_p.h
Examining data/bluez-qt-5.74.0/src/profileadaptor.h
Examining data/bluez-qt-5.74.0/src/mediatransport_p.h
Examining data/bluez-qt-5.74.0/src/job.h
Examining data/bluez-qt-5.74.0/src/request.cpp
Examining data/bluez-qt-5.74.0/src/devicesmodel.h

FINAL RESULTS:

data/bluez-qt-5.74.0/src/rfkill.cpp:117:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    m_readFd = ::open("/dev/rfkill", O_RDONLY | O_CLOEXEC);
data/bluez-qt-5.74.0/src/rfkill.cpp:146:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    m_writeFd = ::open("/dev/rfkill", O_WRONLY | O_CLOEXEC);
data/bluez-qt-5.74.0/tools/bluezapi2qt/CppGenerator.cpp:39:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!file.open(QIODevice::WriteOnly | QIODevice::Text)) {
data/bluez-qt-5.74.0/tools/bluezapi2qt/CppGenerator.cpp:124:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!file.open(QIODevice::WriteOnly | QIODevice::Text)) {
data/bluez-qt-5.74.0/tools/bluezapi2qt/XmlGenerator.cpp:33:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (!file.open(QIODevice::WriteOnly | QIODevice::Text)) {
data/bluez-qt-5.74.0/tools/bluezapi2qt/main.cpp:73:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!file.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/bluez-qt-5.74.0/src/rfkill.cpp:183:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while (::read(m_readFd, &event, sizeof(event)) == sizeof(event)) {

ANALYSIS SUMMARY:

Hits = 7
Lines analyzed = 23665 in approximately 0.59 seconds (40239 lines/second)
Physical Source Lines of Code (SLOC) = 14802
Hits@level = [0]   0 [1]   1 [2]   6 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]   7 [1+]   7 [2+]   6 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 0.472909 [1+] 0.472909 [2+] 0.405351 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.