Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/kig-20.08.0/modes/label.cc Examining data/kig-20.08.0/modes/textlabelwizard.h Examining data/kig-20.08.0/modes/typesdialog.h Examining data/kig-20.08.0/modes/typesdialog.cpp Examining data/kig-20.08.0/modes/edittype.cc Examining data/kig-20.08.0/modes/textlabelwizard.cc Examining data/kig-20.08.0/modes/mode.cc Examining data/kig-20.08.0/modes/dragrectmode.h Examining data/kig-20.08.0/modes/macrowizard.h Examining data/kig-20.08.0/modes/macro.h Examining data/kig-20.08.0/modes/macrowizard.cc Examining data/kig-20.08.0/modes/historydialog.cc Examining data/kig-20.08.0/modes/historydialog.h Examining data/kig-20.08.0/modes/linkslabel.cpp Examining data/kig-20.08.0/modes/popup/popupactionprovider.h Examining data/kig-20.08.0/modes/popup/propertiesactionsprovider.h Examining data/kig-20.08.0/modes/popup/scriptactionsprovider.h Examining data/kig-20.08.0/modes/popup/objectchooserpopup.cc Examining data/kig-20.08.0/modes/popup/builtindocumentactionsprovider.cc Examining data/kig-20.08.0/modes/popup/nameobjectactionsprovider.cc Examining data/kig-20.08.0/modes/popup/objectchooserpopup.h Examining data/kig-20.08.0/modes/popup/objecttypeactionsprovider.cc Examining data/kig-20.08.0/modes/popup/builtindocumentactionsprovider.h Examining data/kig-20.08.0/modes/popup/objectconstructoractionsprovider.cc Examining data/kig-20.08.0/modes/popup/builtinobjectactionsprovider.h Examining data/kig-20.08.0/modes/popup/popup.cc Examining data/kig-20.08.0/modes/popup/nameobjectactionsprovider.h Examining data/kig-20.08.0/modes/popup/scriptactionsprovider.cc Examining data/kig-20.08.0/modes/popup/popup.h Examining data/kig-20.08.0/modes/popup/objectconstructoractionsprovider.h Examining data/kig-20.08.0/modes/popup/propertiesactionsprovider.cc Examining data/kig-20.08.0/modes/popup/builtinobjectactionsprovider.cc Examining data/kig-20.08.0/modes/popup/objecttypeactionsprovider.h Examining data/kig-20.08.0/modes/normal.cc Examining data/kig-20.08.0/modes/normal.h Examining data/kig-20.08.0/modes/dragrectmode.cc Examining data/kig-20.08.0/modes/label.h Examining data/kig-20.08.0/modes/construct_mode.h Examining data/kig-20.08.0/modes/base_mode.h Examining data/kig-20.08.0/modes/moving.cc Examining data/kig-20.08.0/modes/mode.h Examining data/kig-20.08.0/modes/macro.cc Examining data/kig-20.08.0/modes/base_mode.cc Examining data/kig-20.08.0/modes/construct_mode.cc Examining data/kig-20.08.0/modes/linkslabel.h Examining data/kig-20.08.0/modes/moving.h Examining data/kig-20.08.0/modes/edittype.h Examining data/kig-20.08.0/misc/equationstring.cc Examining data/kig-20.08.0/misc/rect.h Examining data/kig-20.08.0/misc/builtin_stuff.h Examining data/kig-20.08.0/misc/kigpainter.cpp Examining data/kig-20.08.0/misc/argsparser.cpp Examining data/kig-20.08.0/misc/kigtransform.h Examining data/kig-20.08.0/misc/point_style.h Examining data/kig-20.08.0/misc/common.cpp Examining data/kig-20.08.0/misc/object_hierarchy.cc Examining data/kig-20.08.0/misc/builtin_stuff.cc Examining data/kig-20.08.0/misc/kiginputdialog.h Examining data/kig-20.08.0/misc/kigcoordinateprecisiondialog.cpp Examining data/kig-20.08.0/misc/cubic-common.h Examining data/kig-20.08.0/misc/kignumerics.h Examining data/kig-20.08.0/misc/common.h Examining data/kig-20.08.0/misc/lists.cc Examining data/kig-20.08.0/misc/kigtransform.cpp Examining data/kig-20.08.0/misc/argsparser.h Examining data/kig-20.08.0/misc/kigfiledialog.cc Examining data/kig-20.08.0/misc/kignumerics.cpp Examining data/kig-20.08.0/misc/screeninfo.cc Examining data/kig-20.08.0/misc/special_constructors.cc Examining data/kig-20.08.0/misc/unit.h Examining data/kig-20.08.0/misc/unit.cc Examining data/kig-20.08.0/misc/conic-common.cpp Examining data/kig-20.08.0/misc/guiaction.h Examining data/kig-20.08.0/misc/kiginputdialog.cc Examining data/kig-20.08.0/misc/object_constructor.cc Examining data/kig-20.08.0/misc/coordinate_system.cpp Examining data/kig-20.08.0/misc/kigpainter.h Examining data/kig-20.08.0/misc/conic-common.h Examining data/kig-20.08.0/misc/kigfiledialog.h Examining data/kig-20.08.0/misc/kigcoordinateprecisiondialog.h Examining data/kig-20.08.0/misc/goniometry.h Examining data/kig-20.08.0/misc/lists.h Examining data/kig-20.08.0/misc/object_hierarchy.h Examining data/kig-20.08.0/misc/goniometry.cc Examining data/kig-20.08.0/misc/equationstring.h Examining data/kig-20.08.0/misc/object_constructor.h Examining data/kig-20.08.0/misc/screeninfo.h Examining data/kig-20.08.0/misc/rect.cc Examining data/kig-20.08.0/misc/guiaction.cc Examining data/kig-20.08.0/misc/coordinate.cpp Examining data/kig-20.08.0/misc/coordinate_system.h Examining data/kig-20.08.0/misc/cubic-common.cc Examining data/kig-20.08.0/misc/special_constructors.h Examining data/kig-20.08.0/misc/boost_intrusive_pointer.hpp Examining data/kig-20.08.0/misc/coordinate.h Examining data/kig-20.08.0/misc/calcpaths.h Examining data/kig-20.08.0/misc/calcpaths.cc Examining data/kig-20.08.0/objects/curve_imp.h Examining data/kig-20.08.0/objects/object_drawer.h Examining data/kig-20.08.0/objects/tangent_type.h Examining data/kig-20.08.0/objects/object_factory.h Examining data/kig-20.08.0/objects/circle_imp.cc Examining data/kig-20.08.0/objects/line_imp.h Examining data/kig-20.08.0/objects/common.cc Examining data/kig-20.08.0/objects/text_imp.h Examining data/kig-20.08.0/objects/angle_type.h Examining data/kig-20.08.0/objects/object_type_factory.h Examining data/kig-20.08.0/objects/cubic_type.cc Examining data/kig-20.08.0/objects/text_imp.cc Examining data/kig-20.08.0/objects/inversion_type.cc Examining data/kig-20.08.0/objects/vector_type.h Examining data/kig-20.08.0/objects/object_drawer.cc Examining data/kig-20.08.0/objects/bezier_type.cc Examining data/kig-20.08.0/objects/special_imptypes.h Examining data/kig-20.08.0/objects/object_imp_factory.h Examining data/kig-20.08.0/objects/line_imp.cc Examining data/kig-20.08.0/objects/point_type.h Examining data/kig-20.08.0/objects/object_type_factory.cc Examining data/kig-20.08.0/objects/common.h Examining data/kig-20.08.0/objects/bogus_imp.h Examining data/kig-20.08.0/objects/angle_type.cc Examining data/kig-20.08.0/objects/curve_imp.cc Examining data/kig-20.08.0/objects/base_type.h Examining data/kig-20.08.0/objects/line_type.h Examining data/kig-20.08.0/objects/point_type.cc Examining data/kig-20.08.0/objects/circle_type.cc Examining data/kig-20.08.0/objects/conic_types.cc Examining data/kig-20.08.0/objects/cubic_imp.cc Examining data/kig-20.08.0/objects/base_type.cc Examining data/kig-20.08.0/objects/other_imp.h Examining data/kig-20.08.0/objects/tangent_type.cc Examining data/kig-20.08.0/objects/bogus_imp.cc Examining data/kig-20.08.0/objects/object_factory.cc Examining data/kig-20.08.0/objects/intersection_types.cc Examining data/kig-20.08.0/objects/object_holder.cc Examining data/kig-20.08.0/objects/bezier_imp.h Examining data/kig-20.08.0/objects/inversion_type.h Examining data/kig-20.08.0/objects/arc_type.h Examining data/kig-20.08.0/objects/object_imp.cc Examining data/kig-20.08.0/objects/object_type.h Examining data/kig-20.08.0/objects/object_imp.h Examining data/kig-20.08.0/objects/bezier_type.h Examining data/kig-20.08.0/objects/polygon_type.cc Examining data/kig-20.08.0/objects/locus_imp.h Examining data/kig-20.08.0/objects/polygon_imp.h Examining data/kig-20.08.0/objects/line_type.cc Examining data/kig-20.08.0/objects/transform_types.h Examining data/kig-20.08.0/objects/other_type.h Examining data/kig-20.08.0/objects/arc_type.cc Examining data/kig-20.08.0/objects/cubic_imp.h Examining data/kig-20.08.0/objects/transform_types.cc Examining data/kig-20.08.0/objects/bezier_imp.cc Examining data/kig-20.08.0/objects/polygon_type.h Examining data/kig-20.08.0/objects/tests_type.cc Examining data/kig-20.08.0/objects/object_holder.h Examining data/kig-20.08.0/objects/locus_imp.cc Examining data/kig-20.08.0/objects/circle_type.h Examining data/kig-20.08.0/objects/circle_imp.h Examining data/kig-20.08.0/objects/special_calcers.cc Examining data/kig-20.08.0/objects/special_imptypes.cc Examining data/kig-20.08.0/objects/cubic_type.h Examining data/kig-20.08.0/objects/other_type.cc Examining data/kig-20.08.0/objects/centerofcurvature_type.cc Examining data/kig-20.08.0/objects/text_type.cc Examining data/kig-20.08.0/objects/text_type.h Examining data/kig-20.08.0/objects/tests_type.h Examining data/kig-20.08.0/objects/polygon_imp.cc Examining data/kig-20.08.0/objects/conic_imp.cc Examining data/kig-20.08.0/objects/vector_type.cc Examining data/kig-20.08.0/objects/point_imp.cc Examining data/kig-20.08.0/objects/intersection_types.h Examining data/kig-20.08.0/objects/object_type.cc Examining data/kig-20.08.0/objects/centerofcurvature_type.h Examining data/kig-20.08.0/objects/object_imp_factory.cc Examining data/kig-20.08.0/objects/other_imp.cc Examining data/kig-20.08.0/objects/object_calcer.cc Examining data/kig-20.08.0/objects/conic_types.h Examining data/kig-20.08.0/objects/point_imp.h Examining data/kig-20.08.0/objects/object_calcer.h Examining data/kig-20.08.0/objects/special_calcers.h Examining data/kig-20.08.0/objects/conic_imp.h Examining data/kig-20.08.0/scripting/script-common.cc Examining data/kig-20.08.0/scripting/script_mode.h Examining data/kig-20.08.0/scripting/script-common.h Examining data/kig-20.08.0/scripting/python_scripter.cc Examining data/kig-20.08.0/scripting/newscriptwizard.h Examining data/kig-20.08.0/scripting/newscriptwizard.cc Examining data/kig-20.08.0/scripting/python_type.h Examining data/kig-20.08.0/scripting/script_mode.cc Examining data/kig-20.08.0/scripting/python_scripter.h Examining data/kig-20.08.0/scripting/python_type.cc Examining data/kig-20.08.0/tests/coordinatevalidatortest.cpp Examining data/kig-20.08.0/filters/asyexporter.cc Examining data/kig-20.08.0/filters/kseg-filter.cc Examining data/kig-20.08.0/filters/latexexporter.h Examining data/kig-20.08.0/filters/xfigexporter.h Examining data/kig-20.08.0/filters/filter.cc Examining data/kig-20.08.0/filters/pgfexporterimpvisitor.cc Examining data/kig-20.08.0/filters/asyexporterimpvisitor.cc Examining data/kig-20.08.0/filters/filters-common.cc Examining data/kig-20.08.0/filters/svgexporter.cc Examining data/kig-20.08.0/filters/svgexporteroptions.cc Examining data/kig-20.08.0/filters/cabri-filter.h Examining data/kig-20.08.0/filters/cabri-filter.cc Examining data/kig-20.08.0/filters/asyexporteroptions.h Examining data/kig-20.08.0/filters/geogebra-filter.h Examining data/kig-20.08.0/filters/kgeo-resource.h Examining data/kig-20.08.0/filters/xfigexporter.cc Examining data/kig-20.08.0/filters/drgeo-filter.h Examining data/kig-20.08.0/filters/asyexporteroptions.cc Examining data/kig-20.08.0/filters/cabri-utils.h Examining data/kig-20.08.0/filters/asyexporterimpvisitor.h Examining data/kig-20.08.0/filters/svgexporteroptions.h Examining data/kig-20.08.0/filters/kgeo-filter.h Examining data/kig-20.08.0/filters/geogebra-filter.cpp Examining data/kig-20.08.0/filters/native-filter.cc Examining data/kig-20.08.0/filters/filters-common.h Examining data/kig-20.08.0/filters/kseg-filter.h Examining data/kig-20.08.0/filters/drgeo-filter.cc Examining data/kig-20.08.0/filters/native-filter.h Examining data/kig-20.08.0/filters/asyexporter.h Examining data/kig-20.08.0/filters/latexexporter.cc Examining data/kig-20.08.0/filters/latexexporteroptions.cc Examining data/kig-20.08.0/filters/pgfexporterimpvisitor.h Examining data/kig-20.08.0/filters/imageexporteroptions.h Examining data/kig-20.08.0/filters/kgeo-filter.cc Examining data/kig-20.08.0/filters/exporter.h Examining data/kig-20.08.0/filters/svgexporter.h Examining data/kig-20.08.0/filters/cabri-utils.cc Examining data/kig-20.08.0/filters/filter.h Examining data/kig-20.08.0/filters/kseg-defs.h Examining data/kig-20.08.0/filters/imageexporteroptions.cc Examining data/kig-20.08.0/filters/latexexporteroptions.h Examining data/kig-20.08.0/filters/exporter.cc Examining data/kig-20.08.0/kig/kig.cpp Examining data/kig-20.08.0/kig/kig_part.cpp Examining data/kig-20.08.0/kig/kig_document.h Examining data/kig-20.08.0/kig/kig_part.h Examining data/kig-20.08.0/kig/aboutdata.h Examining data/kig-20.08.0/kig/kig_view.h Examining data/kig-20.08.0/kig/kig_commands.h Examining data/kig-20.08.0/kig/kig_iface.cpp Examining data/kig-20.08.0/kig/kig_iface.h Examining data/kig-20.08.0/kig/kig_view.cpp Examining data/kig-20.08.0/kig/main.cpp Examining data/kig-20.08.0/kig/kig.h Examining data/kig-20.08.0/kig/kig_document.cc Examining data/kig-20.08.0/kig/kig_commands.cpp Examining data/kig-20.08.0/geogebra/geogebratransformer.cpp Examining data/kig-20.08.0/geogebra/geogebrasection.cpp Examining data/kig-20.08.0/geogebra/geogebrasection.h Examining data/kig-20.08.0/geogebra/geogebratransformer.h FINAL RESULTS: data/kig-20.08.0/misc/goniometry.cc:36:58: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. Goniometry::Goniometry( double value, Goniometry::System system ) data/kig-20.08.0/misc/goniometry.cc:39:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. msys = system; data/kig-20.08.0/misc/goniometry.cc:56:48: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void Goniometry::setSystem( Goniometry::System system ) data/kig-20.08.0/misc/goniometry.cc:58:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. msys = system; data/kig-20.08.0/misc/goniometry.cc:61:48: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void Goniometry::convertTo( Goniometry::System system ) data/kig-20.08.0/misc/goniometry.cc:63:35: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. mvalue = convert( mvalue, msys, system ); data/kig-20.08.0/misc/goniometry.cc:64:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. msys = system; data/kig-20.08.0/misc/goniometry.cc:67:32: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. Goniometry::System Goniometry::system() const data/kig-20.08.0/misc/goniometry.cc:72:49: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. double Goniometry::getValue( Goniometry::System system ) data/kig-20.08.0/misc/goniometry.cc:74:33: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. return convert( mvalue, msys, system ); data/kig-20.08.0/misc/goniometry.h:33:48: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. Goniometry( double value, Goniometry::System system ); data/kig-20.08.0/misc/goniometry.h:43:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void setSystem( Goniometry::System system ); data/kig-20.08.0/misc/goniometry.h:50:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void convertTo( Goniometry::System system ); data/kig-20.08.0/misc/goniometry.h:51:22: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. Goniometry::System system() const; data/kig-20.08.0/misc/goniometry.h:52:39: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. double getValue( Goniometry::System system ); data/kig-20.08.0/misc/kiginputdialog.cc:169:46: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. d->m_comboBox->setCurrentIndex( d->m_gonio.system() ); data/kig-20.08.0/filters/asyexporter.cc:78:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! file.open( QIODevice::WriteOnly ) ) data/kig-20.08.0/filters/cabri-filter.cc:143:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! f.open( QIODevice::ReadOnly ) ) data/kig-20.08.0/filters/drgeo-filter.cc:82:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! f.open( QIODevice::ReadOnly ) ) data/kig-20.08.0/filters/exporter.cc:122:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! file.open( QIODevice::WriteOnly ) ) data/kig-20.08.0/filters/geogebra-filter.cpp:62:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( geogebraFile.open( QIODevice::ReadOnly ) ) data/kig-20.08.0/filters/geogebra-filter.cpp:74:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). queryDevice.open( QFile::ReadOnly ); data/kig-20.08.0/filters/kseg-filter.cc:202:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! ffile.open( QIODevice::ReadOnly ) ) data/kig-20.08.0/filters/kseg-filter.cc:220:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). buf.open( QIODevice::ReadOnly ); data/kig-20.08.0/filters/latexexporter.cc:574:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! file.open( QIODevice::WriteOnly ) ) data/kig-20.08.0/filters/native-filter.cc:106:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! ffile.open( QIODevice::ReadOnly ) ) data/kig-20.08.0/filters/native-filter.cc:133:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ark.open( QIODevice::ReadOnly ); data/kig-20.08.0/filters/native-filter.cc:153:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !kigdoc.open( QIODevice::ReadOnly ) ) data/kig-20.08.0/filters/native-filter.cc:762:21: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). QFile ftmpfile( tmpfile ); data/kig-20.08.0/filters/native-filter.cc:763:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !ftmpfile.open( QIODevice::WriteOnly ) ) data/kig-20.08.0/filters/native-filter.cc:771:39: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). qDebug() << "tmp saved file: " << tmpfile; data/kig-20.08.0/filters/native-filter.cc:775:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ark.open( QIODevice::WriteOnly ); data/kig-20.08.0/filters/native-filter.cc:776:23: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). ark.addLocalFile( tmpfile, tempname + ".kig" ); data/kig-20.08.0/filters/native-filter.cc:780:20: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). QFile::remove( tmpfile ); data/kig-20.08.0/filters/native-filter.cc:787:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! file.open( QIODevice::WriteOnly ) ) data/kig-20.08.0/filters/svgexporter.cc:77:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! file.open( QIODevice::WriteOnly ) ) data/kig-20.08.0/filters/xfigexporter.cc:587:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! file.open( QIODevice::WriteOnly ) ) data/kig-20.08.0/kig/kig.cpp:100:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). KStandardAction::open(this, SLOT(fileOpen()), actionCollection()); data/kig-20.08.0/misc/lists.cc:291:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! file.open( QIODevice::WriteOnly ) ) data/kig-20.08.0/misc/lists.cc:301:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ! file.open( QIODevice::ReadOnly ) ) data/kig-20.08.0/modes/typesdialog.cpp:583:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( geogebraFile.open( QIODevice::ReadOnly ) ) data/kig-20.08.0/modes/typesdialog.cpp:596:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). queryDevice.open( QFile::ReadOnly ); ANALYSIS SUMMARY: Hits = 42 Lines analyzed = 63602 in approximately 1.51 seconds (42064 lines/second) Physical Source Lines of Code (SLOC) = 44275 Hits@level = [0] 1 [1] 0 [2] 26 [3] 0 [4] 16 [5] 0 Hits@level+ = [0+] 43 [1+] 42 [2+] 42 [3+] 16 [4+] 16 [5+] 0 Hits/KSLOC@level+ = [0+] 0.971203 [1+] 0.948617 [2+] 0.948617 [3+] 0.361378 [4+] 0.361378 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.