Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ktp-common-internals-20.08.0/kaccounts/kaccounts-ktp-plugin.cpp
Examining data/ktp-common-internals-20.08.0/kaccounts/kaccounts-ktp-plugin.h
Examining data/ktp-common-internals-20.08.0/KTp/logs-importer.h
Examining data/ktp-common-internals-20.08.0/KTp/message-escape-filter.cpp
Examining data/ktp-common-internals-20.08.0/KTp/core.h
Examining data/ktp-common-internals-20.08.0/KTp/account-factory.cpp
Examining data/ktp-common-internals-20.08.0/KTp/capabilities-hack-private.cpp
Examining data/ktp-common-internals-20.08.0/KTp/pending-wallet.h
Examining data/ktp-common-internals-20.08.0/KTp/contact-factory.h
Examining data/ktp-common-internals-20.08.0/KTp/circular-countdown.h
Examining data/ktp-common-internals-20.08.0/KTp/message-filter-config-manager.h
Examining data/ktp-common-internals-20.08.0/KTp/message-processor.h
Examining data/ktp-common-internals-20.08.0/KTp/pending-wallet.cpp
Examining data/ktp-common-internals-20.08.0/KTp/logs-importer-private.h
Examining data/ktp-common-internals-20.08.0/KTp/service-availability-checker.h
Examining data/ktp-common-internals-20.08.0/KTp/OTR/channel-adapter.h
Examining data/ktp-common-internals-20.08.0/KTp/OTR/types.cpp
Examining data/ktp-common-internals-20.08.0/KTp/OTR/channel-proxy-interface.h
Examining data/ktp-common-internals-20.08.0/KTp/OTR/proxy-service-interface.cpp
Examining data/ktp-common-internals-20.08.0/KTp/OTR/utils.h
Examining data/ktp-common-internals-20.08.0/KTp/OTR/debug.h
Examining data/ktp-common-internals-20.08.0/KTp/OTR/types.h
Examining data/ktp-common-internals-20.08.0/KTp/OTR/channel-proxy-interface.cpp
Examining data/ktp-common-internals-20.08.0/KTp/OTR/utils.cpp
Examining data/ktp-common-internals-20.08.0/KTp/OTR/proxy-service-interface.h
Examining data/ktp-common-internals-20.08.0/KTp/OTR/debug.cpp
Examining data/ktp-common-internals-20.08.0/KTp/OTR/channel-adapter.cpp
Examining data/ktp-common-internals-20.08.0/KTp/OTR/constants.h
Examining data/ktp-common-internals-20.08.0/KTp/message-processor.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/text-channel-watcher-proxy-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/contacts-list-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/rooms-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/contacts-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/abstract-grouping-proxy-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/accounts-tree-proxy-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/contacts-filter-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/contacts-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/debug.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/accounts-list-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/groups-tree-proxy-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/rooms-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/kpeopletranslationproxy.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/accounts-tree-proxy-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/accounts-list-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/groups-tree-proxy-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/debug.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/text-channel-watcher-proxy-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/contacts-filter-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/contacts-list-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/presence-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/presence-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Models/abstract-grouping-proxy-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Models/kpeopletranslationproxy.cpp
Examining data/ktp-common-internals-20.08.0/KTp/actions.cpp
Examining data/ktp-common-internals-20.08.0/KTp/message-context.h
Examining data/ktp-common-internals-20.08.0/KTp/message-filter-config-manager.cpp
Examining data/ktp-common-internals-20.08.0/KTp/wallet-utils.h
Examining data/ktp-common-internals-20.08.0/KTp/outgoing-message.cpp
Examining data/ktp-common-internals-20.08.0/KTp/message.h
Examining data/ktp-common-internals-20.08.0/KTp/text-parser.h
Examining data/ktp-common-internals-20.08.0/KTp/message.cpp
Examining data/ktp-common-internals-20.08.0/KTp/persistent-contact.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/log-manager.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/abstract-logger-plugin.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-entities-impl.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/log-search-hit.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/log-entity.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-entities.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/abstract-logger-plugin.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-search-impl.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-logs-impl.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-dates-impl.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/debug.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-entities-impl.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/log-message.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-operation.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/log-search-hit.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-search-impl.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-dates-impl.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-search.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-dates.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-logs.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/log-manager-private.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/debug.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/log-message.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-search.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/scrollback-manager.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-logs-impl.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-logs.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/log-manager.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/log-entity.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-dates.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-operation.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/scrollback-manager.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/pending-logger-entities.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/pending-tp-logger-logs.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/pending-tp-logger-entities.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/utils.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/pending-tp-logger-search.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/pending-tp-logger-dates.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/pending-tp-logger-dates.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/utils.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/pending-tp-logger-logs.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/pending-tp-logger-search.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/tp-logger-plugin.h
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/tp-logger-plugin.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Logger/plugins/tplogger/pending-tp-logger-entities.h
Examining data/ktp-common-internals-20.08.0/KTp/contact.cpp
Examining data/ktp-common-internals-20.08.0/KTp/outgoing-message.h
Examining data/ktp-common-internals-20.08.0/KTp/text-parser.cpp
Examining data/ktp-common-internals-20.08.0/KTp/abstract-message-filter.cpp
Examining data/ktp-common-internals-20.08.0/KTp/debug.h
Examining data/ktp-common-internals-20.08.0/KTp/circular-countdown.cpp
Examining data/ktp-common-internals-20.08.0/KTp/error-dictionary.cpp
Examining data/ktp-common-internals-20.08.0/KTp/message-filters-private.h
Examining data/ktp-common-internals-20.08.0/KTp/types.h
Examining data/ktp-common-internals-20.08.0/KTp/global-contact-manager.h
Examining data/ktp-common-internals-20.08.0/KTp/abstract-message-filter.h
Examining data/ktp-common-internals-20.08.0/KTp/message-processor-private.h
Examining data/ktp-common-internals-20.08.0/KTp/global-presence.cpp
Examining data/ktp-common-internals-20.08.0/KTp/telepathy-handler-application.cpp
Examining data/ktp-common-internals-20.08.0/KTp/presence.cpp
Examining data/ktp-common-internals-20.08.0/KTp/capabilities-hack-private.h
Examining data/ktp-common-internals-20.08.0/KTp/presence.h
Examining data/ktp-common-internals-20.08.0/KTp/service-availability-checker.cpp
Examining data/ktp-common-internals-20.08.0/KTp/logs-importer-private.cpp
Examining data/ktp-common-internals-20.08.0/KTp/message-private.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/qml-plugins.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/pinned-contacts-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/messages-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/conversations-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/qml-plugins.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/pinned-contacts-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/channel-delegator.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/mainlogmodel.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/contact-pin.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/messages-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/debug.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/contact-pin.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/conversations-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/conversation.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/debug.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/telepathy-manager.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/conversation.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/filtered-pinned-contacts-proxy-model.h
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/telepathy-manager.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/filtered-pinned-contacts-proxy-model.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Declarative/mainlogmodel.cpp
Examining data/ktp-common-internals-20.08.0/KTp/debug.cpp
Examining data/ktp-common-internals-20.08.0/KTp/contact-factory.cpp
Examining data/ktp-common-internals-20.08.0/KTp/error-dictionary.h
Examining data/ktp-common-internals-20.08.0/KTp/global-presence.h
Examining data/ktp-common-internals-20.08.0/KTp/persistent-contact.h
Examining data/ktp-common-internals-20.08.0/KTp/message-context.cpp
Examining data/ktp-common-internals-20.08.0/KTp/ktp-debug.h
Examining data/ktp-common-internals-20.08.0/KTp/contact.h
Examining data/ktp-common-internals-20.08.0/KTp/wallet-utils.cpp
Examining data/ktp-common-internals-20.08.0/KTp/telepathy-handler-application.h
Examining data/ktp-common-internals-20.08.0/KTp/global-contact-manager.cpp
Examining data/ktp-common-internals-20.08.0/KTp/wallet-interface.cpp
Examining data/ktp-common-internals-20.08.0/KTp/wallet-interface.h
Examining data/ktp-common-internals-20.08.0/KTp/actions.h
Examining data/ktp-common-internals-20.08.0/KTp/core.cpp
Examining data/ktp-common-internals-20.08.0/KTp/logs-importer.cpp
Examining data/ktp-common-internals-20.08.0/KTp/account-factory_p.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/contact-view-widget.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/join-chat-room-dialog.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/join-chat-room-dialog.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/notification-config-dialog.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/contact-grid-dialog.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/settings-kcm-dialog.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/add-contact-dialog.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/contact-grid-widget.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/accounts-combo-box.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/contact-view-widget.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/debug.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/settings-kcm-dialog.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/start-chat-dialog.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/contact-info-dialog.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/contact-grid-widget.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/start-chat-dialog.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/accounts-combo-box.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/debug.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/notification-config-dialog.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/contact-grid-dialog.h
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/contact-info-dialog.cpp
Examining data/ktp-common-internals-20.08.0/KTp/Widgets/add-contact-dialog.h
Examining data/ktp-common-internals-20.08.0/tests/kpeople-model-view-main.cpp
Examining data/ktp-common-internals-20.08.0/tests/roles-proxy-model.h
Examining data/ktp-common-internals-20.08.0/tests/contact-list-model-view-main.cpp
Examining data/ktp-common-internals-20.08.0/tests/model-view.cpp
Examining data/ktp-common-internals-20.08.0/tests/roles-proxy-model.cpp
Examining data/ktp-common-internals-20.08.0/tests/model-view.h
Examining data/ktp-common-internals-20.08.0/kpeople/uiplugins/chatplugin/kpeople_chat_plugin.h
Examining data/ktp-common-internals-20.08.0/kpeople/uiplugins/chatplugin/kpeople_chat_plugin.cpp
Examining data/ktp-common-internals-20.08.0/kpeople/uiplugins/chatplugin/chatlistviewdelegate.cpp
Examining data/ktp-common-internals-20.08.0/kpeople/uiplugins/chatplugin/chatlistviewdelegate.h
Examining data/ktp-common-internals-20.08.0/kpeople/uiplugins/imdetailswidget.cpp
Examining data/ktp-common-internals-20.08.0/kpeople/uiplugins/imdetailswidget.h
Examining data/ktp-common-internals-20.08.0/kpeople/datasourceplugin/im-persons-data-source.cpp
Examining data/ktp-common-internals-20.08.0/kpeople/datasourceplugin/debug.h
Examining data/ktp-common-internals-20.08.0/kpeople/datasourceplugin/im-persons-data-source.h
Examining data/ktp-common-internals-20.08.0/kpeople/datasourceplugin/debug.cpp
Examining data/ktp-common-internals-20.08.0/kpeople/actionsplugin/kpeople-actions-plugin.cpp
Examining data/ktp-common-internals-20.08.0/kpeople/actionsplugin/kpeople-actions-plugin.h
Examining data/ktp-common-internals-20.08.0/tools/debugger/telepathy-process.h
Examining data/ktp-common-internals-20.08.0/tools/debugger/main.cpp
Examining data/ktp-common-internals-20.08.0/tools/debugger/main-window.h
Examining data/ktp-common-internals-20.08.0/tools/debugger/debug-message-view.cpp
Examining data/ktp-common-internals-20.08.0/tools/debugger/telepathy-process.cpp
Examining data/ktp-common-internals-20.08.0/tools/debugger/debug-message-view.h
Examining data/ktp-common-internals-20.08.0/tools/debugger/main-window.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/test/otr-test.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/test/lib/test-config.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/test/lib/test-session.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/test/lib/test-config.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/test/lib/test-session.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/test/utils-test.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-message.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/svc-channel-proxy.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-proxy-channel.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/ktp-proxy-debug.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-config.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/svc-channel-proxy.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-config.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-session.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-utils.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/types.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-constants.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/svc-proxy-service.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/proxy-service-adaptee.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/main.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/svc-proxy-service.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/proxy-observer.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-proxy-channel-adaptee.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/proxy-service.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/pending-curry-operation.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/proxy-service.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-utils.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-message.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-session.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-proxy-channel.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/ktp-proxy-debug.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/proxy-observer.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/proxy-service-adaptee.cpp
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-proxy-channel-adaptee.h
Examining data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/pending-curry-operation.cpp
FINAL RESULTS:
data/ktp-common-internals-20.08.0/tools/debugger/debug-message-view.cpp:113:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
str.sprintf("%s.%06d", time_str, ms);
data/ktp-common-internals-20.08.0/KTp/Declarative/mainlogmodel.cpp:101:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
qDebug() << dbLocation << m_db.open();
data/ktp-common-internals-20.08.0/KTp/Widgets/contact-info-dialog.cpp:421:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::ReadOnly);
data/ktp-common-internals-20.08.0/KTp/logs-importer-private.cpp:197:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outFile.open(QIODevice::WriteOnly);
data/ktp-common-internals-20.08.0/KTp/logs-importer-private.cpp:310:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::ReadOnly);
data/ktp-common-internals-20.08.0/kpeople/datasourceplugin/im-persons-data-source.cpp:140:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!db.open()) {
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp:83:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *accountname, const char *protocol,
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp:83:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *accountname, const char *protocol,
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp:84:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *username, unsigned char fingerprint[20])
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp:84:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *username, unsigned char fingerprint[20])
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp:145:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(err_msg, message.toUtf8().data(), message.length());
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp:154:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(err_msg, message.toUtf8().data(), message.length());
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp:162:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(err_msg, message.toUtf8().data(), message.length());
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp:170:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(err_msg, message.toUtf8().data(), message.length());
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-manager.cpp:467:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ourRawHash[20];
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-utils.h:44:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
inline QString humanReadable(const unsigned char fingerprint[20])
data/ktp-common-internals-20.08.0/otr-proxy/KTpProxy/otr-utils.h:46:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char human[OTRL_PRIVKEY_FPRINT_HUMAN_LEN];
data/ktp-common-internals-20.08.0/tools/debugger/debug-message-view.cpp:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[32];
ANALYSIS SUMMARY:
Hits = 18
Lines analyzed = 31729 in approximately 2.22 seconds (14317 lines/second)
Physical Source Lines of Code (SLOC) = 19664
Hits@level = [0] 0 [1] 0 [2] 17 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 18 [1+] 18 [2+] 18 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 0.915378 [1+] 0.915378 [2+] 0.915378 [3+] 0.0508544 [4+] 0.0508544 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.