Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kdeplasma-addons-5.19.5/plasmacalendarplugins/astronomical/astronomicaleventsplugin.h
Examining data/kdeplasma-addons-5.19.5/plasmacalendarplugins/astronomical/astronomicaleventsplugin.cpp
Examining data/kdeplasma-addons-5.19.5/plasmacalendarplugins/astronomical/config/plugin/configplugin.cpp
Examining data/kdeplasma-addons-5.19.5/plasmacalendarplugins/astronomical/config/plugin/configstorage.cpp
Examining data/kdeplasma-addons-5.19.5/plasmacalendarplugins/astronomical/config/plugin/configstorage.h
Examining data/kdeplasma-addons-5.19.5/plasmacalendarplugins/astronomical/config/plugin/configplugin.h
Examining data/kdeplasma-addons-5.19.5/templates/plasmapotdprovider/src/%{APPNAMELC}.cpp
Examining data/kdeplasma-addons-5.19.5/templates/plasmapotdprovider/src/%{APPNAMELC}.h
Examining data/kdeplasma-addons-5.19.5/runners/converter/autotests/converterrunnertest.cpp
Examining data/kdeplasma-addons-5.19.5/runners/converter/converterrunner.cpp
Examining data/kdeplasma-addons-5.19.5/runners/converter/plugin.cpp
Examining data/kdeplasma-addons-5.19.5/runners/converter/converterrunner.h
Examining data/kdeplasma-addons-5.19.5/runners/datetime/datetimerunner.cpp
Examining data/kdeplasma-addons-5.19.5/runners/datetime/datetimerunner.h
Examining data/kdeplasma-addons-5.19.5/runners/spellchecker/spellcheck_config.cpp
Examining data/kdeplasma-addons-5.19.5/runners/spellchecker/spellcheck.cpp
Examining data/kdeplasma-addons-5.19.5/runners/spellchecker/spellcheck.h
Examining data/kdeplasma-addons-5.19.5/runners/spellchecker/spellcheck_config.h
Examining data/kdeplasma-addons-5.19.5/runners/characters/charrunner_config.h
Examining data/kdeplasma-addons-5.19.5/runners/characters/charrunner.cpp
Examining data/kdeplasma-addons-5.19.5/runners/characters/charrunner.h
Examining data/kdeplasma-addons-5.19.5/runners/characters/charrunner_config.cpp
Examining data/kdeplasma-addons-5.19.5/runners/characters/config_keys.h
Examining data/kdeplasma-addons-5.19.5/runners/mediawiki/mediawikirunner.cpp
Examining data/kdeplasma-addons-5.19.5/runners/mediawiki/mediawiki.cpp
Examining data/kdeplasma-addons-5.19.5/runners/mediawiki/mediawiki.h
Examining data/kdeplasma-addons-5.19.5/runners/mediawiki/mediawikirunner.h
Examining data/kdeplasma-addons-5.19.5/runners/dictionary/dictionarymatchengine.cpp
Examining data/kdeplasma-addons-5.19.5/runners/dictionary/dictionarymatchengine.h
Examining data/kdeplasma-addons-5.19.5/runners/dictionary/dictionaryrunner_config.cpp
Examining data/kdeplasma-addons-5.19.5/runners/dictionary/dictionaryrunner.cpp
Examining data/kdeplasma-addons-5.19.5/runners/dictionary/dictionaryrunner_config.h
Examining data/kdeplasma-addons-5.19.5/runners/dictionary/dictionaryrunner.h
Examining data/kdeplasma-addons-5.19.5/runners/katesessions/katesessions.cpp
Examining data/kdeplasma-addons-5.19.5/runners/katesessions/katesessions.h
Examining data/kdeplasma-addons-5.19.5/runners/konsoleprofiles/konsoleprofiles.cpp
Examining data/kdeplasma-addons-5.19.5/runners/konsoleprofiles/konsoleprofiles.h
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderkross.h
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comic.h
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/cachedprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/cachedprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comicprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comic_package.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comicprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.h
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comic_package.h
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comic.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderkross.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/bingprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/potdprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/potd.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/cachedprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/apodprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/cachedprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/epodprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/unsplashprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/apodprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/natgeoprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/bingprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/epodprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/flickrprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/flickrprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/noaaprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/potdprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/potd.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/noaaprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/wcpotdprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/unsplashprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/natgeoprovider.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/potd/wcpotdprovider.h
Examining data/kdeplasma-addons-5.19.5/dataengines/konsoleprofiles/konsoleprofilesservice.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/konsoleprofiles/konsoleprofilesengine.h
Examining data/kdeplasma-addons-5.19.5/dataengines/konsoleprofiles/konsoleprofilesengine.cpp
Examining data/kdeplasma-addons-5.19.5/dataengines/konsoleprofiles/konsoleprofilesservice.h
Examining data/kdeplasma-addons-5.19.5/applets/quicklaunch/plugin/quicklaunch_p.cpp
Examining data/kdeplasma-addons-5.19.5/applets/quicklaunch/plugin/quicklaunch_p.h
Examining data/kdeplasma-addons-5.19.5/applets/quicklaunch/plugin/quicklaunchplugin.h
Examining data/kdeplasma-addons-5.19.5/applets/quicklaunch/plugin/quicklaunchplugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/timer/plugin/timerplugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/timer/plugin/timerplugin.h
Examining data/kdeplasma-addons-5.19.5/applets/timer/plugin/timer.cpp
Examining data/kdeplasma-addons-5.19.5/applets/timer/plugin/timer.h
Examining data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframeplugin.h
Examining data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframeplugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.h
Examining data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.cpp
Examining data/kdeplasma-addons-5.19.5/applets/diskquota/plugin/DiskQuota.h
Examining data/kdeplasma-addons-5.19.5/applets/diskquota/plugin/QuotaListModel.cpp
Examining data/kdeplasma-addons-5.19.5/applets/diskquota/plugin/DiskQuota.cpp
Examining data/kdeplasma-addons-5.19.5/applets/diskquota/plugin/QuotaItem.cpp
Examining data/kdeplasma-addons-5.19.5/applets/diskquota/plugin/plugin.h
Examining data/kdeplasma-addons-5.19.5/applets/diskquota/plugin/plugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/diskquota/plugin/QuotaItem.h
Examining data/kdeplasma-addons-5.19.5/applets/diskquota/plugin/QuotaListModel.h
Examining data/kdeplasma-addons-5.19.5/applets/dict/plugin/dict_plugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/dict/plugin/dict_object.h
Examining data/kdeplasma-addons-5.19.5/applets/dict/plugin/dictionariesmodel.cpp
Examining data/kdeplasma-addons-5.19.5/applets/dict/plugin/dict_object.cpp
Examining data/kdeplasma-addons-5.19.5/applets/dict/plugin/dictionariesmodel.h
Examining data/kdeplasma-addons-5.19.5/applets/dict/plugin/dict_plugin.h
Examining data/kdeplasma-addons-5.19.5/applets/weather/weatherapplet.h
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/util.h
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/plugin.h
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/abstractunitlistmodel.cpp
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/locationlistmodel.cpp
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/servicelistmodel.cpp
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/util.cpp
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/locationlistmodel.h
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/servicelistmodel.h
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/abstractunitlistmodel.h
Examining data/kdeplasma-addons-5.19.5/applets/weather/plugin/plugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/weather/weatherapplet.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicdata.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicarchivedialog.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicsaver.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/comic.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicarchivedialog.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/stripselector.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/stripselector_p.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicmodel.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicsaver.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicarchivejob.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicinfo.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicarchivejob.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicinfo.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/activecomicmodel.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicupdater.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicupdater.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicdata.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/comicmodel.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/comic.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/activecomicmodel.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/stripselector.h
Examining data/kdeplasma-addons-5.19.5/applets/comic/checknewstrips.cpp
Examining data/kdeplasma-addons-5.19.5/applets/comic/checknewstrips.h
Examining data/kdeplasma-addons-5.19.5/applets/colorpicker/plugin/grabwidget.cpp
Examining data/kdeplasma-addons-5.19.5/applets/colorpicker/plugin/colorpickerplugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/colorpicker/plugin/grabwidget.h
Examining data/kdeplasma-addons-5.19.5/applets/colorpicker/plugin/colorpickerplugin.h
Examining data/kdeplasma-addons-5.19.5/applets/nightcolor/plugin/inhibitor.h
Examining data/kdeplasma-addons-5.19.5/applets/nightcolor/plugin/monitor.cpp
Examining data/kdeplasma-addons-5.19.5/applets/nightcolor/plugin/plugin.h
Examining data/kdeplasma-addons-5.19.5/applets/nightcolor/plugin/monitor_p.h
Examining data/kdeplasma-addons-5.19.5/applets/nightcolor/plugin/inhibitor.cpp
Examining data/kdeplasma-addons-5.19.5/applets/nightcolor/plugin/plugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/nightcolor/plugin/monitor.h
Examining data/kdeplasma-addons-5.19.5/applets/fifteenPuzzle/plugin/fifteenimageprovider.h
Examining data/kdeplasma-addons-5.19.5/applets/fifteenPuzzle/plugin/fifteenimageprovider.cpp
Examining data/kdeplasma-addons-5.19.5/applets/fifteenPuzzle/plugin/fifteenpuzzleplugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/fifteenPuzzle/plugin/fifteenpuzzleplugin.h
Examining data/kdeplasma-addons-5.19.5/applets/grouping/container/groupedappletscontainer.cpp
Examining data/kdeplasma-addons-5.19.5/applets/grouping/container/groupedappletscontainer.h
Examining data/kdeplasma-addons-5.19.5/applets/grouping/groupingcontainment.cpp
Examining data/kdeplasma-addons-5.19.5/applets/grouping/groupingcontainment.h
Examining data/kdeplasma-addons-5.19.5/applets/quickshare/plugin/purposeplugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/quickshare/plugin/contenttracker.cpp
Examining data/kdeplasma-addons-5.19.5/applets/quickshare/plugin/contenttracker.h
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/note.h
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/abstractnoteloader.h
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/abstractnoteloader.cpp
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/documenthandler.h
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/notesplugin.cpp
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/filesystemnoteloader.cpp
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/notemanager.cpp
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/notemanager.h
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/documenthandler.cpp
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/notesplugin.h
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/filesystemnoteloader.h
Examining data/kdeplasma-addons-5.19.5/applets/notes/plugin/note.cpp
FINAL RESULTS:
data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.cpp:259:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return QLocale::system().dayName(weekday, QLocale::LongFormat);
data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.cpp:264:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return QLocale::system().monthName(month, QLocale::LongFormat);
data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.cpp:269:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return QLocale::system().dayName(weekday, QLocale::ShortFormat);
data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.cpp:274:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return QLocale::system().monthName(month, QLocale::ShortFormat);
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.cpp:59:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
bool MediaFrame::random() const
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.cpp:64:33: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void MediaFrame::setRandom(bool random)
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.cpp:66:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (random != m_random) {
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.cpp:67:20: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
m_random = random;
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.cpp:72:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int MediaFrame::random(int min, int max)
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.cpp:262:36: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
path = m_allFiles.at(this->random(0, size));
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.h:38:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Q_PROPERTY(bool random READ random WRITE setRandom NOTIFY randomChanged)
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.h:38:33: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Q_PROPERTY(bool random READ random WRITE setRandom NOTIFY randomChanged)
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.h:57:14: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
bool random() const;
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.h:58:29: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void setRandom(bool random);
data/kdeplasma-addons-5.19.5/applets/mediaframe/plugin/mediaframe.h:93:13: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int random(int min, int max);
data/kdeplasma-addons-5.19.5/applets/comic/comicarchivejob.cpp:48:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( mZipFile->open() ) {
data/kdeplasma-addons-5.19.5/applets/comic/comicarchivejob.cpp:50:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mZip->open( QIODevice::ReadWrite );
data/kdeplasma-addons-5.19.5/applets/comic/comicarchivejob.cpp:200:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
worked = tempFile.open();
data/kdeplasma-addons-5.19.5/applets/comic/comicarchivejob.cpp:216:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
worked = tempFile->open();
data/kdeplasma-addons-5.19.5/applets/notes/plugin/filesystemnoteloader.cpp:89:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/kdeplasma-addons-5.19.5/applets/notes/plugin/filesystemnoteloader.cpp:103:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::WriteOnly | QIODevice::Text)) {
data/kdeplasma-addons-5.19.5/applets/notes/plugin/notesplugin.cpp:49:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly)) {
data/kdeplasma-addons-5.19.5/applets/quickshare/plugin/purposeplugin.cpp:53:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer.open(QIODevice::WriteOnly);
data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.cpp:86:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mBuffer.open(QIODevice::ReadOnly);
data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.cpp:95:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QImage ImageWrapper::read()
data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.cpp:97:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return mImageReader.read();
data/kdeplasma-addons-5.19.5/dataengines/comic/comicproviderwrapper.h:73:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QImage read();
ANALYSIS SUMMARY:
Hits = 27
Lines analyzed = 18652 in approximately 0.69 seconds (27069 lines/second)
Physical Source Lines of Code (SLOC) = 11330
Hits@level = [0] 0 [1] 3 [2] 9 [3] 11 [4] 4 [5] 0
Hits@level+ = [0+] 27 [1+] 27 [2+] 24 [3+] 15 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 2.38305 [1+] 2.38305 [2+] 2.11827 [3+] 1.32392 [4+] 0.353045 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.