Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kig-20.08.0/modes/label.cc
Examining data/kig-20.08.0/modes/textlabelwizard.h
Examining data/kig-20.08.0/modes/typesdialog.h
Examining data/kig-20.08.0/modes/typesdialog.cpp
Examining data/kig-20.08.0/modes/edittype.cc
Examining data/kig-20.08.0/modes/textlabelwizard.cc
Examining data/kig-20.08.0/modes/mode.cc
Examining data/kig-20.08.0/modes/dragrectmode.h
Examining data/kig-20.08.0/modes/macrowizard.h
Examining data/kig-20.08.0/modes/macro.h
Examining data/kig-20.08.0/modes/macrowizard.cc
Examining data/kig-20.08.0/modes/historydialog.cc
Examining data/kig-20.08.0/modes/historydialog.h
Examining data/kig-20.08.0/modes/linkslabel.cpp
Examining data/kig-20.08.0/modes/popup/popupactionprovider.h
Examining data/kig-20.08.0/modes/popup/propertiesactionsprovider.h
Examining data/kig-20.08.0/modes/popup/scriptactionsprovider.h
Examining data/kig-20.08.0/modes/popup/objectchooserpopup.cc
Examining data/kig-20.08.0/modes/popup/builtindocumentactionsprovider.cc
Examining data/kig-20.08.0/modes/popup/nameobjectactionsprovider.cc
Examining data/kig-20.08.0/modes/popup/objectchooserpopup.h
Examining data/kig-20.08.0/modes/popup/objecttypeactionsprovider.cc
Examining data/kig-20.08.0/modes/popup/builtindocumentactionsprovider.h
Examining data/kig-20.08.0/modes/popup/objectconstructoractionsprovider.cc
Examining data/kig-20.08.0/modes/popup/builtinobjectactionsprovider.h
Examining data/kig-20.08.0/modes/popup/popup.cc
Examining data/kig-20.08.0/modes/popup/nameobjectactionsprovider.h
Examining data/kig-20.08.0/modes/popup/scriptactionsprovider.cc
Examining data/kig-20.08.0/modes/popup/popup.h
Examining data/kig-20.08.0/modes/popup/objectconstructoractionsprovider.h
Examining data/kig-20.08.0/modes/popup/propertiesactionsprovider.cc
Examining data/kig-20.08.0/modes/popup/builtinobjectactionsprovider.cc
Examining data/kig-20.08.0/modes/popup/objecttypeactionsprovider.h
Examining data/kig-20.08.0/modes/normal.cc
Examining data/kig-20.08.0/modes/normal.h
Examining data/kig-20.08.0/modes/dragrectmode.cc
Examining data/kig-20.08.0/modes/label.h
Examining data/kig-20.08.0/modes/construct_mode.h
Examining data/kig-20.08.0/modes/base_mode.h
Examining data/kig-20.08.0/modes/moving.cc
Examining data/kig-20.08.0/modes/mode.h
Examining data/kig-20.08.0/modes/macro.cc
Examining data/kig-20.08.0/modes/base_mode.cc
Examining data/kig-20.08.0/modes/construct_mode.cc
Examining data/kig-20.08.0/modes/linkslabel.h
Examining data/kig-20.08.0/modes/moving.h
Examining data/kig-20.08.0/modes/edittype.h
Examining data/kig-20.08.0/misc/equationstring.cc
Examining data/kig-20.08.0/misc/rect.h
Examining data/kig-20.08.0/misc/builtin_stuff.h
Examining data/kig-20.08.0/misc/kigpainter.cpp
Examining data/kig-20.08.0/misc/argsparser.cpp
Examining data/kig-20.08.0/misc/kigtransform.h
Examining data/kig-20.08.0/misc/point_style.h
Examining data/kig-20.08.0/misc/common.cpp
Examining data/kig-20.08.0/misc/object_hierarchy.cc
Examining data/kig-20.08.0/misc/builtin_stuff.cc
Examining data/kig-20.08.0/misc/kiginputdialog.h
Examining data/kig-20.08.0/misc/kigcoordinateprecisiondialog.cpp
Examining data/kig-20.08.0/misc/cubic-common.h
Examining data/kig-20.08.0/misc/kignumerics.h
Examining data/kig-20.08.0/misc/common.h
Examining data/kig-20.08.0/misc/lists.cc
Examining data/kig-20.08.0/misc/kigtransform.cpp
Examining data/kig-20.08.0/misc/argsparser.h
Examining data/kig-20.08.0/misc/kigfiledialog.cc
Examining data/kig-20.08.0/misc/kignumerics.cpp
Examining data/kig-20.08.0/misc/screeninfo.cc
Examining data/kig-20.08.0/misc/special_constructors.cc
Examining data/kig-20.08.0/misc/unit.h
Examining data/kig-20.08.0/misc/unit.cc
Examining data/kig-20.08.0/misc/conic-common.cpp
Examining data/kig-20.08.0/misc/guiaction.h
Examining data/kig-20.08.0/misc/kiginputdialog.cc
Examining data/kig-20.08.0/misc/object_constructor.cc
Examining data/kig-20.08.0/misc/coordinate_system.cpp
Examining data/kig-20.08.0/misc/kigpainter.h
Examining data/kig-20.08.0/misc/conic-common.h
Examining data/kig-20.08.0/misc/kigfiledialog.h
Examining data/kig-20.08.0/misc/kigcoordinateprecisiondialog.h
Examining data/kig-20.08.0/misc/goniometry.h
Examining data/kig-20.08.0/misc/lists.h
Examining data/kig-20.08.0/misc/object_hierarchy.h
Examining data/kig-20.08.0/misc/goniometry.cc
Examining data/kig-20.08.0/misc/equationstring.h
Examining data/kig-20.08.0/misc/object_constructor.h
Examining data/kig-20.08.0/misc/screeninfo.h
Examining data/kig-20.08.0/misc/rect.cc
Examining data/kig-20.08.0/misc/guiaction.cc
Examining data/kig-20.08.0/misc/coordinate.cpp
Examining data/kig-20.08.0/misc/coordinate_system.h
Examining data/kig-20.08.0/misc/cubic-common.cc
Examining data/kig-20.08.0/misc/special_constructors.h
Examining data/kig-20.08.0/misc/boost_intrusive_pointer.hpp
Examining data/kig-20.08.0/misc/coordinate.h
Examining data/kig-20.08.0/misc/calcpaths.h
Examining data/kig-20.08.0/misc/calcpaths.cc
Examining data/kig-20.08.0/objects/curve_imp.h
Examining data/kig-20.08.0/objects/object_drawer.h
Examining data/kig-20.08.0/objects/tangent_type.h
Examining data/kig-20.08.0/objects/object_factory.h
Examining data/kig-20.08.0/objects/circle_imp.cc
Examining data/kig-20.08.0/objects/line_imp.h
Examining data/kig-20.08.0/objects/common.cc
Examining data/kig-20.08.0/objects/text_imp.h
Examining data/kig-20.08.0/objects/angle_type.h
Examining data/kig-20.08.0/objects/object_type_factory.h
Examining data/kig-20.08.0/objects/cubic_type.cc
Examining data/kig-20.08.0/objects/text_imp.cc
Examining data/kig-20.08.0/objects/inversion_type.cc
Examining data/kig-20.08.0/objects/vector_type.h
Examining data/kig-20.08.0/objects/object_drawer.cc
Examining data/kig-20.08.0/objects/bezier_type.cc
Examining data/kig-20.08.0/objects/special_imptypes.h
Examining data/kig-20.08.0/objects/object_imp_factory.h
Examining data/kig-20.08.0/objects/line_imp.cc
Examining data/kig-20.08.0/objects/point_type.h
Examining data/kig-20.08.0/objects/object_type_factory.cc
Examining data/kig-20.08.0/objects/common.h
Examining data/kig-20.08.0/objects/bogus_imp.h
Examining data/kig-20.08.0/objects/angle_type.cc
Examining data/kig-20.08.0/objects/curve_imp.cc
Examining data/kig-20.08.0/objects/base_type.h
Examining data/kig-20.08.0/objects/line_type.h
Examining data/kig-20.08.0/objects/point_type.cc
Examining data/kig-20.08.0/objects/circle_type.cc
Examining data/kig-20.08.0/objects/conic_types.cc
Examining data/kig-20.08.0/objects/cubic_imp.cc
Examining data/kig-20.08.0/objects/base_type.cc
Examining data/kig-20.08.0/objects/other_imp.h
Examining data/kig-20.08.0/objects/tangent_type.cc
Examining data/kig-20.08.0/objects/bogus_imp.cc
Examining data/kig-20.08.0/objects/object_factory.cc
Examining data/kig-20.08.0/objects/intersection_types.cc
Examining data/kig-20.08.0/objects/object_holder.cc
Examining data/kig-20.08.0/objects/bezier_imp.h
Examining data/kig-20.08.0/objects/inversion_type.h
Examining data/kig-20.08.0/objects/arc_type.h
Examining data/kig-20.08.0/objects/object_imp.cc
Examining data/kig-20.08.0/objects/object_type.h
Examining data/kig-20.08.0/objects/object_imp.h
Examining data/kig-20.08.0/objects/bezier_type.h
Examining data/kig-20.08.0/objects/polygon_type.cc
Examining data/kig-20.08.0/objects/locus_imp.h
Examining data/kig-20.08.0/objects/polygon_imp.h
Examining data/kig-20.08.0/objects/line_type.cc
Examining data/kig-20.08.0/objects/transform_types.h
Examining data/kig-20.08.0/objects/other_type.h
Examining data/kig-20.08.0/objects/arc_type.cc
Examining data/kig-20.08.0/objects/cubic_imp.h
Examining data/kig-20.08.0/objects/transform_types.cc
Examining data/kig-20.08.0/objects/bezier_imp.cc
Examining data/kig-20.08.0/objects/polygon_type.h
Examining data/kig-20.08.0/objects/tests_type.cc
Examining data/kig-20.08.0/objects/object_holder.h
Examining data/kig-20.08.0/objects/locus_imp.cc
Examining data/kig-20.08.0/objects/circle_type.h
Examining data/kig-20.08.0/objects/circle_imp.h
Examining data/kig-20.08.0/objects/special_calcers.cc
Examining data/kig-20.08.0/objects/special_imptypes.cc
Examining data/kig-20.08.0/objects/cubic_type.h
Examining data/kig-20.08.0/objects/other_type.cc
Examining data/kig-20.08.0/objects/centerofcurvature_type.cc
Examining data/kig-20.08.0/objects/text_type.cc
Examining data/kig-20.08.0/objects/text_type.h
Examining data/kig-20.08.0/objects/tests_type.h
Examining data/kig-20.08.0/objects/polygon_imp.cc
Examining data/kig-20.08.0/objects/conic_imp.cc
Examining data/kig-20.08.0/objects/vector_type.cc
Examining data/kig-20.08.0/objects/point_imp.cc
Examining data/kig-20.08.0/objects/intersection_types.h
Examining data/kig-20.08.0/objects/object_type.cc
Examining data/kig-20.08.0/objects/centerofcurvature_type.h
Examining data/kig-20.08.0/objects/object_imp_factory.cc
Examining data/kig-20.08.0/objects/other_imp.cc
Examining data/kig-20.08.0/objects/object_calcer.cc
Examining data/kig-20.08.0/objects/conic_types.h
Examining data/kig-20.08.0/objects/point_imp.h
Examining data/kig-20.08.0/objects/object_calcer.h
Examining data/kig-20.08.0/objects/special_calcers.h
Examining data/kig-20.08.0/objects/conic_imp.h
Examining data/kig-20.08.0/scripting/script-common.cc
Examining data/kig-20.08.0/scripting/script_mode.h
Examining data/kig-20.08.0/scripting/script-common.h
Examining data/kig-20.08.0/scripting/python_scripter.cc
Examining data/kig-20.08.0/scripting/newscriptwizard.h
Examining data/kig-20.08.0/scripting/newscriptwizard.cc
Examining data/kig-20.08.0/scripting/python_type.h
Examining data/kig-20.08.0/scripting/script_mode.cc
Examining data/kig-20.08.0/scripting/python_scripter.h
Examining data/kig-20.08.0/scripting/python_type.cc
Examining data/kig-20.08.0/tests/coordinatevalidatortest.cpp
Examining data/kig-20.08.0/filters/asyexporter.cc
Examining data/kig-20.08.0/filters/kseg-filter.cc
Examining data/kig-20.08.0/filters/latexexporter.h
Examining data/kig-20.08.0/filters/xfigexporter.h
Examining data/kig-20.08.0/filters/filter.cc
Examining data/kig-20.08.0/filters/pgfexporterimpvisitor.cc
Examining data/kig-20.08.0/filters/asyexporterimpvisitor.cc
Examining data/kig-20.08.0/filters/filters-common.cc
Examining data/kig-20.08.0/filters/svgexporter.cc
Examining data/kig-20.08.0/filters/svgexporteroptions.cc
Examining data/kig-20.08.0/filters/cabri-filter.h
Examining data/kig-20.08.0/filters/cabri-filter.cc
Examining data/kig-20.08.0/filters/asyexporteroptions.h
Examining data/kig-20.08.0/filters/geogebra-filter.h
Examining data/kig-20.08.0/filters/kgeo-resource.h
Examining data/kig-20.08.0/filters/xfigexporter.cc
Examining data/kig-20.08.0/filters/drgeo-filter.h
Examining data/kig-20.08.0/filters/asyexporteroptions.cc
Examining data/kig-20.08.0/filters/cabri-utils.h
Examining data/kig-20.08.0/filters/asyexporterimpvisitor.h
Examining data/kig-20.08.0/filters/svgexporteroptions.h
Examining data/kig-20.08.0/filters/kgeo-filter.h
Examining data/kig-20.08.0/filters/geogebra-filter.cpp
Examining data/kig-20.08.0/filters/native-filter.cc
Examining data/kig-20.08.0/filters/filters-common.h
Examining data/kig-20.08.0/filters/kseg-filter.h
Examining data/kig-20.08.0/filters/drgeo-filter.cc
Examining data/kig-20.08.0/filters/native-filter.h
Examining data/kig-20.08.0/filters/asyexporter.h
Examining data/kig-20.08.0/filters/latexexporter.cc
Examining data/kig-20.08.0/filters/latexexporteroptions.cc
Examining data/kig-20.08.0/filters/pgfexporterimpvisitor.h
Examining data/kig-20.08.0/filters/imageexporteroptions.h
Examining data/kig-20.08.0/filters/kgeo-filter.cc
Examining data/kig-20.08.0/filters/exporter.h
Examining data/kig-20.08.0/filters/svgexporter.h
Examining data/kig-20.08.0/filters/cabri-utils.cc
Examining data/kig-20.08.0/filters/filter.h
Examining data/kig-20.08.0/filters/kseg-defs.h
Examining data/kig-20.08.0/filters/imageexporteroptions.cc
Examining data/kig-20.08.0/filters/latexexporteroptions.h
Examining data/kig-20.08.0/filters/exporter.cc
Examining data/kig-20.08.0/kig/kig.cpp
Examining data/kig-20.08.0/kig/kig_part.cpp
Examining data/kig-20.08.0/kig/kig_document.h
Examining data/kig-20.08.0/kig/kig_part.h
Examining data/kig-20.08.0/kig/aboutdata.h
Examining data/kig-20.08.0/kig/kig_view.h
Examining data/kig-20.08.0/kig/kig_commands.h
Examining data/kig-20.08.0/kig/kig_iface.cpp
Examining data/kig-20.08.0/kig/kig_iface.h
Examining data/kig-20.08.0/kig/kig_view.cpp
Examining data/kig-20.08.0/kig/main.cpp
Examining data/kig-20.08.0/kig/kig.h
Examining data/kig-20.08.0/kig/kig_document.cc
Examining data/kig-20.08.0/kig/kig_commands.cpp
Examining data/kig-20.08.0/geogebra/geogebratransformer.cpp
Examining data/kig-20.08.0/geogebra/geogebrasection.cpp
Examining data/kig-20.08.0/geogebra/geogebrasection.h
Examining data/kig-20.08.0/geogebra/geogebratransformer.h
FINAL RESULTS:
data/kig-20.08.0/misc/goniometry.cc:36:58: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
Goniometry::Goniometry( double value, Goniometry::System system )
data/kig-20.08.0/misc/goniometry.cc:39:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
msys = system;
data/kig-20.08.0/misc/goniometry.cc:56:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void Goniometry::setSystem( Goniometry::System system )
data/kig-20.08.0/misc/goniometry.cc:58:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
msys = system;
data/kig-20.08.0/misc/goniometry.cc:61:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void Goniometry::convertTo( Goniometry::System system )
data/kig-20.08.0/misc/goniometry.cc:63:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
mvalue = convert( mvalue, msys, system );
data/kig-20.08.0/misc/goniometry.cc:64:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
msys = system;
data/kig-20.08.0/misc/goniometry.cc:67:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
Goniometry::System Goniometry::system() const
data/kig-20.08.0/misc/goniometry.cc:72:49: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
double Goniometry::getValue( Goniometry::System system )
data/kig-20.08.0/misc/goniometry.cc:74:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return convert( mvalue, msys, system );
data/kig-20.08.0/misc/goniometry.h:33:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
Goniometry( double value, Goniometry::System system );
data/kig-20.08.0/misc/goniometry.h:43:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void setSystem( Goniometry::System system );
data/kig-20.08.0/misc/goniometry.h:50:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void convertTo( Goniometry::System system );
data/kig-20.08.0/misc/goniometry.h:51:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
Goniometry::System system() const;
data/kig-20.08.0/misc/goniometry.h:52:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
double getValue( Goniometry::System system );
data/kig-20.08.0/misc/kiginputdialog.cc:169:46: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
d->m_comboBox->setCurrentIndex( d->m_gonio.system() );
data/kig-20.08.0/filters/asyexporter.cc:78:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! file.open( QIODevice::WriteOnly ) )
data/kig-20.08.0/filters/cabri-filter.cc:143:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! f.open( QIODevice::ReadOnly ) )
data/kig-20.08.0/filters/drgeo-filter.cc:82:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! f.open( QIODevice::ReadOnly ) )
data/kig-20.08.0/filters/exporter.cc:122:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! file.open( QIODevice::WriteOnly ) )
data/kig-20.08.0/filters/geogebra-filter.cpp:62:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( geogebraFile.open( QIODevice::ReadOnly ) )
data/kig-20.08.0/filters/geogebra-filter.cpp:74:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
queryDevice.open( QFile::ReadOnly );
data/kig-20.08.0/filters/kseg-filter.cc:202:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! ffile.open( QIODevice::ReadOnly ) )
data/kig-20.08.0/filters/kseg-filter.cc:220:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buf.open( QIODevice::ReadOnly );
data/kig-20.08.0/filters/latexexporter.cc:574:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! file.open( QIODevice::WriteOnly ) )
data/kig-20.08.0/filters/native-filter.cc:106:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! ffile.open( QIODevice::ReadOnly ) )
data/kig-20.08.0/filters/native-filter.cc:133:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ark.open( QIODevice::ReadOnly );
data/kig-20.08.0/filters/native-filter.cc:153:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !kigdoc.open( QIODevice::ReadOnly ) )
data/kig-20.08.0/filters/native-filter.cc:762:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
QFile ftmpfile( tmpfile );
data/kig-20.08.0/filters/native-filter.cc:763:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !ftmpfile.open( QIODevice::WriteOnly ) )
data/kig-20.08.0/filters/native-filter.cc:771:39: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
qDebug() << "tmp saved file: " << tmpfile;
data/kig-20.08.0/filters/native-filter.cc:775:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ark.open( QIODevice::WriteOnly );
data/kig-20.08.0/filters/native-filter.cc:776:23: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
ark.addLocalFile( tmpfile, tempname + ".kig" );
data/kig-20.08.0/filters/native-filter.cc:780:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
QFile::remove( tmpfile );
data/kig-20.08.0/filters/native-filter.cc:787:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! file.open( QIODevice::WriteOnly ) )
data/kig-20.08.0/filters/svgexporter.cc:77:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! file.open( QIODevice::WriteOnly ) )
data/kig-20.08.0/filters/xfigexporter.cc:587:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! file.open( QIODevice::WriteOnly ) )
data/kig-20.08.0/kig/kig.cpp:100:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
KStandardAction::open(this, SLOT(fileOpen()), actionCollection());
data/kig-20.08.0/misc/lists.cc:291:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! file.open( QIODevice::WriteOnly ) )
data/kig-20.08.0/misc/lists.cc:301:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! file.open( QIODevice::ReadOnly ) )
data/kig-20.08.0/modes/typesdialog.cpp:583:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( geogebraFile.open( QIODevice::ReadOnly ) )
data/kig-20.08.0/modes/typesdialog.cpp:596:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
queryDevice.open( QFile::ReadOnly );
ANALYSIS SUMMARY:
Hits = 42
Lines analyzed = 63602 in approximately 1.51 seconds (42064 lines/second)
Physical Source Lines of Code (SLOC) = 44275
Hits@level = [0] 1 [1] 0 [2] 26 [3] 0 [4] 16 [5] 0
Hits@level+ = [0+] 43 [1+] 42 [2+] 42 [3+] 16 [4+] 16 [5+] 0
Hits/KSLOC@level+ = [0+] 0.971203 [1+] 0.948617 [2+] 0.948617 [3+] 0.361378 [4+] 0.361378 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.