Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kreversi-20.04.3/kreversiplayer.h
Examining data/kreversi-20.04.3/kreversihumanplayer.h
Examining data/kreversi-20.04.3/commondefs.cpp
Examining data/kreversi-20.04.3/kreversiview.cpp
Examining data/kreversi-20.04.3/startgamedialog.cpp
Examining data/kreversi-20.04.3/kexthighscore.h
Examining data/kreversi-20.04.3/kexthighscore_item.cpp
Examining data/kreversi-20.04.3/colorscheme.h
Examining data/kreversi-20.04.3/mainwindow.h
Examining data/kreversi-20.04.3/highscores.h
Examining data/kreversi-20.04.3/kreversicomputerplayer.cpp
Examining data/kreversi-20.04.3/kreversicomputerplayer.h
Examining data/kreversi-20.04.3/Engine.cpp
Examining data/kreversi-20.04.3/kexthighscore_tab.cpp
Examining data/kreversi-20.04.3/startgamedialog.h
Examining data/kreversi-20.04.3/kreversigame.h
Examining data/kreversi-20.04.3/kreversihumanplayer.cpp
Examining data/kreversi-20.04.3/colorscheme.cpp
Examining data/kreversi-20.04.3/kexthighscore_internal.cpp
Examining data/kreversi-20.04.3/kexthighscore_gui.h
Examining data/kreversi-20.04.3/kreversiplayer.cpp
Examining data/kreversi-20.04.3/mainwindow.cpp
Examining data/kreversi-20.04.3/gamestartinformation.h
Examining data/kreversi-20.04.3/kreversigame.cpp
Examining data/kreversi-20.04.3/Engine.h
Examining data/kreversi-20.04.3/main.cpp
Examining data/kreversi-20.04.3/kexthighscore_internal.h
Examining data/kreversi-20.04.3/kexthighscore_gui.cpp
Examining data/kreversi-20.04.3/commondefs.h
Examining data/kreversi-20.04.3/kexthighscore.cpp
Examining data/kreversi-20.04.3/kexthighscore_tab.h
Examining data/kreversi-20.04.3/kreversiview.h
Examining data/kreversi-20.04.3/highscores.cpp
Examining data/kreversi-20.04.3/kexthighscore_item.h

FINAL RESULTS:

data/kreversi-20.04.3/kexthighscore_gui.cpp:303:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  tmp.open();
data/kreversi-20.04.3/kexthighscore_internal.cpp:640:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( !tmpFile.open() ) {
data/kreversi-20.04.3/kexthighscore_tab.h:84:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *COUNT_LABELS[Nb_Counts];
data/kreversi-20.04.3/kexthighscore_tab.h:86:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *TREND_LABELS[Nb_Trends];
data/kreversi-20.04.3/kexthighscore_internal.cpp:82:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  QVariant ItemContainer::read(uint i) const
data/kreversi-20.04.3/kexthighscore_internal.cpp:91:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return _item->read(i, v);
data/kreversi-20.04.3/kexthighscore_internal.cpp:97:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return _item->pretty(i, read(i));
data/kreversi-20.04.3/kexthighscore_internal.cpp:110:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint v = read(i).toUInt() + 1;
data/kreversi-20.04.3/kexthighscore_internal.cpp:202:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void ItemArray::read(uint k, Score &data) const
data/kreversi-20.04.3/kexthighscore_internal.cpp:206:44: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  data.setData(at(i)->name(), at(i)->read(k));
data/kreversi-20.04.3/kexthighscore_internal.cpp:214:61: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (uint j=nb-1; j>k; j--) at(i)->write(j, at(i)->read(j-1));
data/kreversi-20.04.3/kexthighscore_internal.cpp:242:56: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint id = _score.item(QStringLiteral( "id" ))->read(i).toUInt();
data/kreversi-20.04.3/kexthighscore_internal.cpp:267:47: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ( item(QStringLiteral( "score" ))->read(i)==item(QStringLiteral( "score" ))->item()->defaultValue() )
data/kreversi-20.04.3/kexthighscore_internal.cpp:430:78: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint nbWonGames = nbGames - item(QStringLiteral( "nb lost games" ))->read(_id).toUInt()
data/kreversi-20.04.3/kexthighscore_internal.cpp:431:68: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  - item(QStringLiteral( "nb draw games" ))->read(_id).toUInt()
data/kreversi-20.04.3/kexthighscore_internal.cpp:432:69: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  - item(QStringLiteral( "nb black marks" ))->read(_id).toUInt(); // legacy
data/kreversi-20.04.3/kexthighscore_internal.cpp:434:64: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  : item(QStringLiteral( "mean score" ))->read(_id).toDouble());
data/kreversi-20.04.3/kexthighscore_internal.cpp:441:58: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  best.setScore( item(QStringLiteral( "best score" ))->read(_id).toUInt() );
data/kreversi-20.04.3/kexthighscore_internal.cpp:448:60: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int current = item(QStringLiteral( "current trend" ))->read(_id).toInt();
data/kreversi-20.04.3/kexthighscore_internal.cpp:453:61: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint won = item(QStringLiteral( "max won trend" ))->read(_id).toUInt();
data/kreversi-20.04.3/kexthighscore_internal.cpp:460:63: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint lost = item(QStringLiteral( "max lost trend" ))->read(_id).toUInt();
data/kreversi-20.04.3/kexthighscore_internal.cpp:486:65: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ( newName.toLower()==item(QStringLiteral( "name" ))->read(i).toString().toLower() ) return true;
data/kreversi-20.04.3/kexthighscore_internal.cpp:702:18: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  _scoreInfos->read(i, score);
data/kreversi-20.04.3/kexthighscore_internal.h:55:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  QVariant read(uint i, const QVariant &value) const override { Q_UNUSED(value); return i; }
data/kreversi-20.04.3/kexthighscore_internal.h:111:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  QVariant read(uint i) const;
data/kreversi-20.04.3/kexthighscore_internal.h:151:10: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(uint k, Score &data) const;
data/kreversi-20.04.3/kexthighscore_internal.h:196:67: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  QString name() const { return item(QStringLiteral( "name" ))->read(_id).toString(); }
data/kreversi-20.04.3/kexthighscore_item.cpp:46:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  QVariant Item::read(uint, const QVariant &value) const
data/kreversi-20.04.3/kexthighscore_item.h:137:22: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual QVariant read(uint i, const QVariant &value) const;
data/kreversi-20.04.3/kexthighscore_tab.cpp:165:72: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  _data[i].count[Total] = pi.item(QStringLiteral( "nb games" ))->read(i).toUInt();
data/kreversi-20.04.3/kexthighscore_tab.cpp:166:76: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  _data[i].count[Lost] = pi.item(QStringLiteral( "nb lost games" ))->read(i).toUInt()
data/kreversi-20.04.3/kexthighscore_tab.cpp:167:71: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  + pi.item(QStringLiteral( "nb black marks" ))->read(i).toUInt(); // legacy
data/kreversi-20.04.3/kexthighscore_tab.cpp:168:76: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  _data[i].count[Draw] = pi.item(QStringLiteral( "nb draw games" ))->read(i).toUInt();
data/kreversi-20.04.3/kexthighscore_tab.cpp:172:57: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  pi.item(QStringLiteral( "current trend" ))->read(i).toInt();
data/kreversi-20.04.3/kexthighscore_tab.cpp:173:80: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  _data[i].trend[WonTrend] = pi.item(QStringLiteral( "max won trend" ))->read(i).toUInt();
data/kreversi-20.04.3/kexthighscore_tab.cpp:175:64: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  -(int)pi.item(QStringLiteral( "max lost trend" ))->read(i).toUInt();
data/kreversi-20.04.3/kexthighscore_tab.cpp:263:51: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint nb = pi.item(pi.histoName(k+1))->read(i).toUInt();

ANALYSIS SUMMARY:

Hits = 37
Lines analyzed = 7873 in approximately 0.58 seconds (13533 lines/second)
Physical Source Lines of Code (SLOC) = 4612
Hits@level = [0] 0 [1] 33 [2] 4 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 37 [1+] 37 [2+] 4 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 8.02255 [1+] 8.02255 [2+] 0.867303 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.