Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kpmcore-4.2.0/src/backend/corebackend.cpp
Examining data/kpmcore-4.2.0/src/backend/corebackend.h
Examining data/kpmcore-4.2.0/src/backend/corebackenddevice.cpp
Examining data/kpmcore-4.2.0/src/backend/corebackenddevice.h
Examining data/kpmcore-4.2.0/src/backend/corebackendmanager.cpp
Examining data/kpmcore-4.2.0/src/backend/corebackendmanager.h
Examining data/kpmcore-4.2.0/src/backend/corebackendpartitiontable.cpp
Examining data/kpmcore-4.2.0/src/backend/corebackendpartitiontable.h
Examining data/kpmcore-4.2.0/src/core/copysource.cpp
Examining data/kpmcore-4.2.0/src/core/copysource.h
Examining data/kpmcore-4.2.0/src/core/copysourcedevice.cpp
Examining data/kpmcore-4.2.0/src/core/copysourcedevice.h
Examining data/kpmcore-4.2.0/src/core/copysourcefile.cpp
Examining data/kpmcore-4.2.0/src/core/copysourcefile.h
Examining data/kpmcore-4.2.0/src/core/copysourceshred.cpp
Examining data/kpmcore-4.2.0/src/core/copysourceshred.h
Examining data/kpmcore-4.2.0/src/core/copytarget.cpp
Examining data/kpmcore-4.2.0/src/core/copytarget.h
Examining data/kpmcore-4.2.0/src/core/copytargetbytearray.cpp
Examining data/kpmcore-4.2.0/src/core/copytargetbytearray.h
Examining data/kpmcore-4.2.0/src/core/copytargetdevice.cpp
Examining data/kpmcore-4.2.0/src/core/copytargetdevice.h
Examining data/kpmcore-4.2.0/src/core/copytargetfile.cpp
Examining data/kpmcore-4.2.0/src/core/copytargetfile.h
Examining data/kpmcore-4.2.0/src/core/device.cpp
Examining data/kpmcore-4.2.0/src/core/device.h
Examining data/kpmcore-4.2.0/src/core/device_p.h
Examining data/kpmcore-4.2.0/src/core/devicescanner.cpp
Examining data/kpmcore-4.2.0/src/core/devicescanner.h
Examining data/kpmcore-4.2.0/src/core/diskdevice.cpp
Examining data/kpmcore-4.2.0/src/core/diskdevice.h
Examining data/kpmcore-4.2.0/src/core/fstab.cpp
Examining data/kpmcore-4.2.0/src/core/fstab.h
Examining data/kpmcore-4.2.0/src/core/lvmdevice.cpp
Examining data/kpmcore-4.2.0/src/core/lvmdevice.h
Examining data/kpmcore-4.2.0/src/core/operationrunner.cpp
Examining data/kpmcore-4.2.0/src/core/operationrunner.h
Examining data/kpmcore-4.2.0/src/core/operationstack.cpp
Examining data/kpmcore-4.2.0/src/core/operationstack.h
Examining data/kpmcore-4.2.0/src/core/partition.cpp
Examining data/kpmcore-4.2.0/src/core/partition.h
Examining data/kpmcore-4.2.0/src/core/partitionalignment.cpp
Examining data/kpmcore-4.2.0/src/core/partitionalignment.h
Examining data/kpmcore-4.2.0/src/core/partitionnode.cpp
Examining data/kpmcore-4.2.0/src/core/partitionnode.h
Examining data/kpmcore-4.2.0/src/core/partitionrole.cpp
Examining data/kpmcore-4.2.0/src/core/partitionrole.h
Examining data/kpmcore-4.2.0/src/core/partitiontable.cpp
Examining data/kpmcore-4.2.0/src/core/partitiontable.h
Examining data/kpmcore-4.2.0/src/core/raid/softwareraid.cpp
Examining data/kpmcore-4.2.0/src/core/raid/softwareraid.h
Examining data/kpmcore-4.2.0/src/core/smartattribute.cpp
Examining data/kpmcore-4.2.0/src/core/smartattribute.h
Examining data/kpmcore-4.2.0/src/core/smartattributeparseddata.cpp
Examining data/kpmcore-4.2.0/src/core/smartattributeparseddata.h
Examining data/kpmcore-4.2.0/src/core/smartdiskinformation.cpp
Examining data/kpmcore-4.2.0/src/core/smartdiskinformation.h
Examining data/kpmcore-4.2.0/src/core/smartparser.cpp
Examining data/kpmcore-4.2.0/src/core/smartparser.h
Examining data/kpmcore-4.2.0/src/core/smartstatus.cpp
Examining data/kpmcore-4.2.0/src/core/smartstatus.h
Examining data/kpmcore-4.2.0/src/core/volumemanagerdevice.cpp
Examining data/kpmcore-4.2.0/src/core/volumemanagerdevice.h
Examining data/kpmcore-4.2.0/src/core/volumemanagerdevice_p.h
Examining data/kpmcore-4.2.0/src/fs/apfs.cpp
Examining data/kpmcore-4.2.0/src/fs/apfs.h
Examining data/kpmcore-4.2.0/src/fs/bitlocker.cpp
Examining data/kpmcore-4.2.0/src/fs/bitlocker.h
Examining data/kpmcore-4.2.0/src/fs/btrfs.cpp
Examining data/kpmcore-4.2.0/src/fs/btrfs.h
Examining data/kpmcore-4.2.0/src/fs/exfat.cpp
Examining data/kpmcore-4.2.0/src/fs/exfat.h
Examining data/kpmcore-4.2.0/src/fs/ext2.cpp
Examining data/kpmcore-4.2.0/src/fs/ext2.h
Examining data/kpmcore-4.2.0/src/fs/ext3.cpp
Examining data/kpmcore-4.2.0/src/fs/ext3.h
Examining data/kpmcore-4.2.0/src/fs/ext4.cpp
Examining data/kpmcore-4.2.0/src/fs/ext4.h
Examining data/kpmcore-4.2.0/src/fs/extended.cpp
Examining data/kpmcore-4.2.0/src/fs/extended.h
Examining data/kpmcore-4.2.0/src/fs/f2fs.cpp
Examining data/kpmcore-4.2.0/src/fs/f2fs.h
Examining data/kpmcore-4.2.0/src/fs/fat12.cpp
Examining data/kpmcore-4.2.0/src/fs/fat12.h
Examining data/kpmcore-4.2.0/src/fs/fat16.cpp
Examining data/kpmcore-4.2.0/src/fs/fat16.h
Examining data/kpmcore-4.2.0/src/fs/fat32.cpp
Examining data/kpmcore-4.2.0/src/fs/fat32.h
Examining data/kpmcore-4.2.0/src/fs/filesystem.cpp
Examining data/kpmcore-4.2.0/src/fs/filesystem.h
Examining data/kpmcore-4.2.0/src/fs/filesystem_p.h
Examining data/kpmcore-4.2.0/src/fs/filesystemfactory.cpp
Examining data/kpmcore-4.2.0/src/fs/filesystemfactory.h
Examining data/kpmcore-4.2.0/src/fs/hfs.cpp
Examining data/kpmcore-4.2.0/src/fs/hfs.h
Examining data/kpmcore-4.2.0/src/fs/hfsplus.cpp
Examining data/kpmcore-4.2.0/src/fs/hfsplus.h
Examining data/kpmcore-4.2.0/src/fs/hpfs.cpp
Examining data/kpmcore-4.2.0/src/fs/hpfs.h
Examining data/kpmcore-4.2.0/src/fs/iso9660.cpp
Examining data/kpmcore-4.2.0/src/fs/iso9660.h
Examining data/kpmcore-4.2.0/src/fs/jfs.cpp
Examining data/kpmcore-4.2.0/src/fs/jfs.h
Examining data/kpmcore-4.2.0/src/fs/linuxraidmember.cpp
Examining data/kpmcore-4.2.0/src/fs/linuxraidmember.h
Examining data/kpmcore-4.2.0/src/fs/linuxswap.cpp
Examining data/kpmcore-4.2.0/src/fs/linuxswap.h
Examining data/kpmcore-4.2.0/src/fs/luks.cpp
Examining data/kpmcore-4.2.0/src/fs/luks.h
Examining data/kpmcore-4.2.0/src/fs/luks2.cpp
Examining data/kpmcore-4.2.0/src/fs/luks2.h
Examining data/kpmcore-4.2.0/src/fs/lvm2_pv.cpp
Examining data/kpmcore-4.2.0/src/fs/lvm2_pv.h
Examining data/kpmcore-4.2.0/src/fs/minix.cpp
Examining data/kpmcore-4.2.0/src/fs/minix.h
Examining data/kpmcore-4.2.0/src/fs/nilfs2.cpp
Examining data/kpmcore-4.2.0/src/fs/nilfs2.h
Examining data/kpmcore-4.2.0/src/fs/ntfs.cpp
Examining data/kpmcore-4.2.0/src/fs/ntfs.h
Examining data/kpmcore-4.2.0/src/fs/ocfs2.cpp
Examining data/kpmcore-4.2.0/src/fs/ocfs2.h
Examining data/kpmcore-4.2.0/src/fs/reiser4.cpp
Examining data/kpmcore-4.2.0/src/fs/reiser4.h
Examining data/kpmcore-4.2.0/src/fs/reiserfs.cpp
Examining data/kpmcore-4.2.0/src/fs/reiserfs.h
Examining data/kpmcore-4.2.0/src/fs/udf.cpp
Examining data/kpmcore-4.2.0/src/fs/udf.h
Examining data/kpmcore-4.2.0/src/fs/ufs.cpp
Examining data/kpmcore-4.2.0/src/fs/ufs.h
Examining data/kpmcore-4.2.0/src/fs/unformatted.cpp
Examining data/kpmcore-4.2.0/src/fs/unformatted.h
Examining data/kpmcore-4.2.0/src/fs/unknown.cpp
Examining data/kpmcore-4.2.0/src/fs/unknown.h
Examining data/kpmcore-4.2.0/src/fs/xfs.cpp
Examining data/kpmcore-4.2.0/src/fs/xfs.h
Examining data/kpmcore-4.2.0/src/fs/zfs.cpp
Examining data/kpmcore-4.2.0/src/fs/zfs.h
Examining data/kpmcore-4.2.0/src/gui/partresizerwidget.cpp
Examining data/kpmcore-4.2.0/src/gui/partresizerwidget.h
Examining data/kpmcore-4.2.0/src/gui/partwidget.cpp
Examining data/kpmcore-4.2.0/src/gui/partwidget.h
Examining data/kpmcore-4.2.0/src/gui/partwidgetbase.cpp
Examining data/kpmcore-4.2.0/src/gui/partwidgetbase.h
Examining data/kpmcore-4.2.0/src/jobs/backupfilesystemjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/backupfilesystemjob.h
Examining data/kpmcore-4.2.0/src/jobs/checkfilesystemjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/checkfilesystemjob.h
Examining data/kpmcore-4.2.0/src/jobs/copyfilesystemjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/copyfilesystemjob.h
Examining data/kpmcore-4.2.0/src/jobs/createfilesystemjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/createfilesystemjob.h
Examining data/kpmcore-4.2.0/src/jobs/createpartitionjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/createpartitionjob.h
Examining data/kpmcore-4.2.0/src/jobs/createpartitiontablejob.cpp
Examining data/kpmcore-4.2.0/src/jobs/createpartitiontablejob.h
Examining data/kpmcore-4.2.0/src/jobs/createvolumegroupjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/createvolumegroupjob.h
Examining data/kpmcore-4.2.0/src/jobs/deactivatelogicalvolumejob.cpp
Examining data/kpmcore-4.2.0/src/jobs/deactivatelogicalvolumejob.h
Examining data/kpmcore-4.2.0/src/jobs/deactivatevolumegroupjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/deactivatevolumegroupjob.h
Examining data/kpmcore-4.2.0/src/jobs/deletefilesystemjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/deletefilesystemjob.h
Examining data/kpmcore-4.2.0/src/jobs/deletepartitionjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/deletepartitionjob.h
Examining data/kpmcore-4.2.0/src/jobs/job.cpp
Examining data/kpmcore-4.2.0/src/jobs/job.h
Examining data/kpmcore-4.2.0/src/jobs/movefilesystemjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/movefilesystemjob.h
Examining data/kpmcore-4.2.0/src/jobs/movephysicalvolumejob.cpp
Examining data/kpmcore-4.2.0/src/jobs/movephysicalvolumejob.h
Examining data/kpmcore-4.2.0/src/jobs/removevolumegroupjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/removevolumegroupjob.h
Examining data/kpmcore-4.2.0/src/jobs/resizefilesystemjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/resizefilesystemjob.h
Examining data/kpmcore-4.2.0/src/jobs/resizevolumegroupjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/resizevolumegroupjob.h
Examining data/kpmcore-4.2.0/src/jobs/restorefilesystemjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/restorefilesystemjob.h
Examining data/kpmcore-4.2.0/src/jobs/setfilesystemlabeljob.cpp
Examining data/kpmcore-4.2.0/src/jobs/setfilesystemlabeljob.h
Examining data/kpmcore-4.2.0/src/jobs/setpartflagsjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/setpartflagsjob.h
Examining data/kpmcore-4.2.0/src/jobs/setpartgeometryjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/setpartgeometryjob.h
Examining data/kpmcore-4.2.0/src/jobs/setpartitionattributesjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/setpartitionattributesjob.h
Examining data/kpmcore-4.2.0/src/jobs/setpartitionlabeljob.cpp
Examining data/kpmcore-4.2.0/src/jobs/setpartitionlabeljob.h
Examining data/kpmcore-4.2.0/src/jobs/setpartitionuuidjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/setpartitionuuidjob.h
Examining data/kpmcore-4.2.0/src/jobs/shredfilesystemjob.cpp
Examining data/kpmcore-4.2.0/src/jobs/shredfilesystemjob.h
Examining data/kpmcore-4.2.0/src/ops/backupoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/backupoperation.h
Examining data/kpmcore-4.2.0/src/ops/checkoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/checkoperation.h
Examining data/kpmcore-4.2.0/src/ops/copyoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/copyoperation.h
Examining data/kpmcore-4.2.0/src/ops/createfilesystemoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/createfilesystemoperation.h
Examining data/kpmcore-4.2.0/src/ops/createpartitiontableoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/createpartitiontableoperation.h
Examining data/kpmcore-4.2.0/src/ops/createvolumegroupoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/createvolumegroupoperation.h
Examining data/kpmcore-4.2.0/src/ops/deactivatevolumegroupoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/deactivatevolumegroupoperation.h
Examining data/kpmcore-4.2.0/src/ops/deleteoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/deleteoperation.h
Examining data/kpmcore-4.2.0/src/ops/newoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/newoperation.h
Examining data/kpmcore-4.2.0/src/ops/operation.cpp
Examining data/kpmcore-4.2.0/src/ops/operation.h
Examining data/kpmcore-4.2.0/src/ops/operation_p.h
Examining data/kpmcore-4.2.0/src/ops/removevolumegroupoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/removevolumegroupoperation.h
Examining data/kpmcore-4.2.0/src/ops/resizeoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/resizeoperation.h
Examining data/kpmcore-4.2.0/src/ops/resizevolumegroupoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/resizevolumegroupoperation.h
Examining data/kpmcore-4.2.0/src/ops/restoreoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/restoreoperation.h
Examining data/kpmcore-4.2.0/src/ops/setfilesystemlabeloperation.cpp
Examining data/kpmcore-4.2.0/src/ops/setfilesystemlabeloperation.h
Examining data/kpmcore-4.2.0/src/ops/setpartflagsoperation.cpp
Examining data/kpmcore-4.2.0/src/ops/setpartflagsoperation.h
Examining data/kpmcore-4.2.0/src/plugins/dummy/dummybackend.cpp
Examining data/kpmcore-4.2.0/src/plugins/dummy/dummybackend.h
Examining data/kpmcore-4.2.0/src/plugins/dummy/dummydevice.cpp
Examining data/kpmcore-4.2.0/src/plugins/dummy/dummydevice.h
Examining data/kpmcore-4.2.0/src/plugins/dummy/dummypartitiontable.cpp
Examining data/kpmcore-4.2.0/src/plugins/dummy/dummypartitiontable.h
Examining data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskbackend.cpp
Examining data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskbackend.h
Examining data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskdevice.cpp
Examining data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskdevice.h
Examining data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskgptattributes.cpp
Examining data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskgptattributes.h
Examining data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskpartitiontable.cpp
Examining data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskpartitiontable.h
Examining data/kpmcore-4.2.0/src/util/capacity.cpp
Examining data/kpmcore-4.2.0/src/util/capacity.h
Examining data/kpmcore-4.2.0/src/util/externalcommand.cpp
Examining data/kpmcore-4.2.0/src/util/externalcommand.h
Examining data/kpmcore-4.2.0/src/util/externalcommand_whitelist.h
Examining data/kpmcore-4.2.0/src/util/externalcommandhelper.cpp
Examining data/kpmcore-4.2.0/src/util/externalcommandhelper.h
Examining data/kpmcore-4.2.0/src/util/globallog.cpp
Examining data/kpmcore-4.2.0/src/util/globallog.h
Examining data/kpmcore-4.2.0/src/util/helpers.cpp
Examining data/kpmcore-4.2.0/src/util/helpers.h
Examining data/kpmcore-4.2.0/src/util/htmlreport.cpp
Examining data/kpmcore-4.2.0/src/util/htmlreport.h
Examining data/kpmcore-4.2.0/src/util/libpartitionmanagerexport.h
Examining data/kpmcore-4.2.0/src/util/report.cpp
Examining data/kpmcore-4.2.0/src/util/report.h
Examining data/kpmcore-4.2.0/test/helpers.cpp
Examining data/kpmcore-4.2.0/test/helpers.h
Examining data/kpmcore-4.2.0/test/testdevice.cpp
Examining data/kpmcore-4.2.0/test/testdevice.h
Examining data/kpmcore-4.2.0/test/testdevicescanner.cpp
Examining data/kpmcore-4.2.0/test/testexternalcommand.cpp
Examining data/kpmcore-4.2.0/test/testinit.cpp
Examining data/kpmcore-4.2.0/test/testlist.cpp
FINAL RESULTS:
data/kpmcore-4.2.0/src/backend/corebackenddevice.h:59:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual bool open() = 0;
data/kpmcore-4.2.0/src/backend/corebackendpartitiontable.h:37:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual bool open() = 0;
data/kpmcore-4.2.0/src/core/copysource.h:35:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual bool open() = 0;
data/kpmcore-4.2.0/src/core/copysourcedevice.cpp:37:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool CopySourceDevice::open()
data/kpmcore-4.2.0/src/core/copysourcedevice.h:40:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/kpmcore-4.2.0/src/core/copysourcefile.cpp:25:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool CopySourceFile::open()
data/kpmcore-4.2.0/src/core/copysourcefile.cpp:27:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return file().open(QIODevice::ReadOnly);
data/kpmcore-4.2.0/src/core/copysourcefile.h:32:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/kpmcore-4.2.0/src/core/copysourceshred.cpp:24:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool CopySourceShred::open()
data/kpmcore-4.2.0/src/core/copysourceshred.cpp:26:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return sourceFile().open(QIODevice::ReadOnly);
data/kpmcore-4.2.0/src/core/copysourceshred.h:32:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/kpmcore-4.2.0/src/core/copytarget.h:34:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual bool open() = 0;
data/kpmcore-4.2.0/src/core/copytargetbytearray.h:29:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override {
data/kpmcore-4.2.0/src/core/copytargetdevice.cpp:35:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool CopyTargetDevice::open()
data/kpmcore-4.2.0/src/core/copytargetdevice.h:41:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/kpmcore-4.2.0/src/core/copytargetfile.cpp:22:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool CopyTargetFile::open()
data/kpmcore-4.2.0/src/core/copytargetfile.cpp:24:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return file().open(QIODevice::WriteOnly | QIODevice::Truncate);
data/kpmcore-4.2.0/src/core/copytargetfile.h:32:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/kpmcore-4.2.0/src/core/diskdevice.cpp:57:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(device_node.toLocal8Bit().constData(), O_RDONLY);
data/kpmcore-4.2.0/src/core/diskdevice.cpp:70:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (f.open(QIODevice::ReadOnly)) {
data/kpmcore-4.2.0/src/core/fstab.cpp:63:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( fstabFile.open( QIODevice::ReadOnly | QIODevice::Text ) )
data/kpmcore-4.2.0/src/core/raid/softwareraid.cpp:177:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (mdstat.open(QIODevice::ReadOnly)) {
data/kpmcore-4.2.0/src/core/raid/softwareraid.cpp:420:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!mdstat.open(QIODevice::ReadOnly))
data/kpmcore-4.2.0/src/core/raid/softwareraid.cpp:467:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!config.open(QIODevice::ReadOnly))
data/kpmcore-4.2.0/src/fs/fat32.cpp:47:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[4];
data/kpmcore-4.2.0/src/fs/linuxswap.cpp:178:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (swapsFile.open(QIODevice::ReadOnly)) {
data/kpmcore-4.2.0/src/jobs/backupfilesystemjob.cpp:53:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!copySource.open())
data/kpmcore-4.2.0/src/jobs/backupfilesystemjob.cpp:55:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if (!copyTarget.open())
data/kpmcore-4.2.0/src/jobs/copyfilesystemjob.cpp:55:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!copySource.open())
data/kpmcore-4.2.0/src/jobs/copyfilesystemjob.cpp:57:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if (!copyTarget.open())
data/kpmcore-4.2.0/src/jobs/job.cpp:73:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!undoSource.open()) {
data/kpmcore-4.2.0/src/jobs/job.cpp:79:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!undoTarget.open()) {
data/kpmcore-4.2.0/src/jobs/movefilesystemjob.cpp:51:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!moveSource.open())
data/kpmcore-4.2.0/src/jobs/movefilesystemjob.cpp:53:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if (!moveTarget.open())
data/kpmcore-4.2.0/src/jobs/restorefilesystemjob.cpp:61:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!copySource.open())
data/kpmcore-4.2.0/src/jobs/restorefilesystemjob.cpp:63:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if (!copyTarget.open())
data/kpmcore-4.2.0/src/jobs/shredfilesystemjob.cpp:60:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!copySource.open())
data/kpmcore-4.2.0/src/jobs/shredfilesystemjob.cpp:62:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if (!copyTarget.open())
data/kpmcore-4.2.0/src/plugins/dummy/dummybackend.cpp:95:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!device->open())
data/kpmcore-4.2.0/src/plugins/dummy/dummydevice.cpp:26:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool DummyDevice::open()
data/kpmcore-4.2.0/src/plugins/dummy/dummydevice.h:30:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/kpmcore-4.2.0/src/plugins/dummy/dummypartitiontable.cpp:28:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool DummyPartitionTable::open()
data/kpmcore-4.2.0/src/plugins/dummy/dummypartitiontable.h:29:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskbackend.cpp:97:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (f.open(QIODevice::ReadOnly))
data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskbackend.cpp:202:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (mdstat.open(QIODevice::ReadOnly)) {
data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskbackend.cpp:642:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!device->open())
data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskdevice.cpp:26:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool SfdiskDevice::open()
data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskdevice.h:30:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskpartitiontable.cpp:41:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool SfdiskPartitionTable::open()
data/kpmcore-4.2.0/src/plugins/sfdisk/sfdiskpartitiontable.h:29:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open() override;
data/kpmcore-4.2.0/src/util/externalcommandhelper.cpp:76:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!device.open(QIODevice::ReadOnly | QIODevice::Unbuffered)) {
data/kpmcore-4.2.0/src/util/externalcommandhelper.cpp:107:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!device.open(flags)) {
data/kpmcore-4.2.0/src/util/externalcommandhelper.cpp:142:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!device.open(flags)) {
data/kpmcore-4.2.0/src/util/externalcommandhelper.cpp:86:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buffer = device.read(size);
ANALYSIS SUMMARY:
Hits = 54
Lines analyzed = 29843 in approximately 1.01 seconds (29422 lines/second)
Physical Source Lines of Code (SLOC) = 20027
Hits@level = [0] 0 [1] 1 [2] 53 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 54 [1+] 54 [2+] 53 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 2.69636 [1+] 2.69636 [2+] 2.64643 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.