Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/kdebugsettings-20.08.1/autotests/environmentsettingsrulespagetest.cpp Examining data/kdebugsettings-20.08.1/autotests/kdebugsettingsdialogtest.h Examining data/kdebugsettings-20.08.1/autotests/saverulesjobtest.h Examining data/kdebugsettings-20.08.1/autotests/kdebugsettingsdialogtest.cpp Examining data/kdebugsettings-20.08.1/autotests/kdeapplicationdebugsettingpagetest.cpp Examining data/kdebugsettings-20.08.1/autotests/kdeapplicationtreelistwidgettest.h Examining data/kdebugsettings-20.08.1/autotests/loggingcategorytest.h Examining data/kdebugsettings-20.08.1/autotests/configurecustomsettingwidgettest.cpp Examining data/kdebugsettings-20.08.1/autotests/kdeapplicationdebugsettingpagetest.h Examining data/kdebugsettings-20.08.1/autotests/renamecategorytest.h Examining data/kdebugsettings-20.08.1/autotests/changedebugmodejobtest.cpp Examining data/kdebugsettings-20.08.1/autotests/categorywarningtest.h Examining data/kdebugsettings-20.08.1/autotests/kdebugsettingsloadingcategoriestest.cpp Examining data/kdebugsettings-20.08.1/autotests/configurecustomsettingdialogtest.h Examining data/kdebugsettings-20.08.1/autotests/categorytypecomboboxtest.cpp Examining data/kdebugsettings-20.08.1/autotests/saverulesjobtest.cpp Examining data/kdebugsettings-20.08.1/autotests/configurecustomsettingdialogtest.cpp Examining data/kdebugsettings-20.08.1/autotests/loggingcategorytest.cpp Examining data/kdebugsettings-20.08.1/autotests/customdebugsettingspagetest.cpp Examining data/kdebugsettings-20.08.1/autotests/kdeapplicationtreelistwidgettest.cpp Examining data/kdebugsettings-20.08.1/autotests/environmentsettingsrulespagetest.h Examining data/kdebugsettings-20.08.1/autotests/loadcategoriesjobtest.cpp Examining data/kdebugsettings-20.08.1/autotests/renamecategorytest.cpp Examining data/kdebugsettings-20.08.1/autotests/kdebugsettingutiltest.cpp Examining data/kdebugsettings-20.08.1/autotests/loadcategoriesjobtest.h Examining data/kdebugsettings-20.08.1/autotests/customdebugsettingspagetest.h Examining data/kdebugsettings-20.08.1/autotests/kdebugsettingsloadingcategoriestest.h Examining data/kdebugsettings-20.08.1/autotests/changedebugmodejobtest.h Examining data/kdebugsettings-20.08.1/autotests/configurecustomsettingwidgettest.h Examining data/kdebugsettings-20.08.1/autotests/categorytypecomboboxtest.h Examining data/kdebugsettings-20.08.1/autotests/categorywarningtest.cpp Examining data/kdebugsettings-20.08.1/autotests/kdebugsettingutiltest.h Examining data/kdebugsettings-20.08.1/src/configurecustomsettingdialog.h Examining data/kdebugsettings-20.08.1/src/loadcategoriesjob.h Examining data/kdebugsettings-20.08.1/src/changedebugmodejob.h Examining data/kdebugsettings-20.08.1/src/loggingcategory.cpp Examining data/kdebugsettings-20.08.1/src/kdebugsettingsloadingcategories.cpp Examining data/kdebugsettings-20.08.1/src/kdeapplicationdebugsettingpage.h Examining data/kdebugsettings-20.08.1/src/environmentplaintextedit.cpp Examining data/kdebugsettings-20.08.1/src/kdeapplicationtreelistwidget.cpp Examining data/kdebugsettings-20.08.1/src/kdeloggingcategory.h Examining data/kdebugsettings-20.08.1/src/kdebugsettingsloadingcategories.h Examining data/kdebugsettings-20.08.1/src/loadcategoriesjob.cpp Examining data/kdebugsettings-20.08.1/src/customdebugsettingspage.cpp Examining data/kdebugsettings-20.08.1/src/kdebugsettingsdialog.h Examining data/kdebugsettings-20.08.1/src/categorytypecombobox.h Examining data/kdebugsettings-20.08.1/src/kdebugsettingsutil.h Examining data/kdebugsettings-20.08.1/src/kdebugsettingsutil.cpp Examining data/kdebugsettings-20.08.1/src/environmentsettingsrulespage.h Examining data/kdebugsettings-20.08.1/src/loggingcategory.h Examining data/kdebugsettings-20.08.1/src/configurecustomsettingwidget.cpp Examining data/kdebugsettings-20.08.1/src/kdebugsettingsdialog.cpp Examining data/kdebugsettings-20.08.1/src/changedebugmodejob.cpp Examining data/kdebugsettings-20.08.1/src/kdeapplicationdebugsettingpage.cpp Examining data/kdebugsettings-20.08.1/src/categorywarning.cpp Examining data/kdebugsettings-20.08.1/src/libkdebugsettings_private_export.h Examining data/kdebugsettings-20.08.1/src/configurecustomsettingwidget.h Examining data/kdebugsettings-20.08.1/src/saverulesjob.cpp Examining data/kdebugsettings-20.08.1/src/main.cpp Examining data/kdebugsettings-20.08.1/src/kdeloggingcategory.cpp Examining data/kdebugsettings-20.08.1/src/renamecategory.h Examining data/kdebugsettings-20.08.1/src/environmentplaintextedit.h Examining data/kdebugsettings-20.08.1/src/customdebugsettingspage.h Examining data/kdebugsettings-20.08.1/src/categorytypecombobox.cpp Examining data/kdebugsettings-20.08.1/src/saverulesjob.h Examining data/kdebugsettings-20.08.1/src/categorywarning.h Examining data/kdebugsettings-20.08.1/src/configurecustomsettingdialog.cpp Examining data/kdebugsettings-20.08.1/src/kdeapplicationtreelistwidget.h Examining data/kdebugsettings-20.08.1/src/renamecategory.cpp Examining data/kdebugsettings-20.08.1/src/environmentsettingsrulespage.cpp FINAL RESULTS: data/kdebugsettings-20.08.1/src/kdebugsettingsutil.cpp:68:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::ReadOnly)) { data/kdebugsettings-20.08.1/src/kdebugsettingsutil.cpp:211:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::ReadOnly)) { data/kdebugsettings-20.08.1/src/kdebugsettingsutil.cpp:244:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::ReadOnly)) { data/kdebugsettings-20.08.1/src/kdebugsettingsutil.cpp:326:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (file.open(QIODevice::ReadOnly)) { data/kdebugsettings-20.08.1/src/saverulesjob.cpp:48:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!qtlogging.open(QIODevice::WriteOnly | QIODevice::Text | QIODevice::Truncate)) { ANALYSIS SUMMARY: Hits = 5 Lines analyzed = 5575 in approximately 0.18 seconds (31152 lines/second) Physical Source Lines of Code (SLOC) = 3576 Hits@level = [0] 0 [1] 0 [2] 5 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 5 [1+] 5 [2+] 5 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 1.39821 [1+] 1.39821 [2+] 1.39821 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.