stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kwayland-server-5.19.5/autotests/server/test_tablet_interface.cpp
Examining data/kwayland-server-5.19.5/autotests/server/surfaceextension_helper.cpp
Examining data/kwayland-server-5.19.5/autotests/server/test_qt_surface_extension.cpp
Examining data/kwayland-server-5.19.5/autotests/server/test_no_xdg_runtime_dir.cpp
Examining data/kwayland-server-5.19.5/autotests/server/test_seat.cpp
Examining data/kwayland-server-5.19.5/autotests/server/test_display.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_xdg_shell_v6.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_text_input.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_shell.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_xdg_shell_v5.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_outputdevice.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_connection_thread.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_xdg_foreign.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_filter.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_fake_input.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_pointer_constraints.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_drag_drop.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_blur.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_selection.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_xdg_shell.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_subsurface.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_server_side_decoration.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_surface.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_xdg_shell.h
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_outputmanagement.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_xdg_output.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_plasma_virtual_desktop.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_compositor.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_fullscreen_shell.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_server_side_decoration_palette.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_shadow.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_xdg_decoration.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_region.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_shm_pool.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_seat.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_output.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_datadevice.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_idle.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_plasmashell.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_xdg_shell_stable.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_registry.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_remote_access.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_windowmanagement.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_error.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_appmenu.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_datasource.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_subcompositor.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_slide.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_wayland_contrast.cpp
Examining data/kwayland-server-5.19.5/autotests/client/test_plasma_window_model.cpp
Examining data/kwayland-server-5.19.5/tests/copyclient.cpp
Examining data/kwayland-server-5.19.5/tests/subsurfacetest.cpp
Examining data/kwayland-server-5.19.5/tests/qtwaylandintegrationtest.h
Examining data/kwayland-server-5.19.5/tests/qtwaylandintegrationtest.cpp
Examining data/kwayland-server-5.19.5/tests/touchclienttest.cpp
Examining data/kwayland-server-5.19.5/tests/dpmstest.cpp
Examining data/kwayland-server-5.19.5/tests/renderingservertest.cpp
Examining data/kwayland-server-5.19.5/tests/paneltest.cpp
Examining data/kwayland-server-5.19.5/tests/touchclienttest.h
Examining data/kwayland-server-5.19.5/tests/pasteclient.cpp
Examining data/kwayland-server-5.19.5/tests/shadowtest.cpp
Examining data/kwayland-server-5.19.5/tests/waylandservertest.cpp
Examining data/kwayland-server-5.19.5/tests/plasmasurfacetest.cpp
Examining data/kwayland-server-5.19.5/tests/xdgtest.cpp
Examining data/kwayland-server-5.19.5/tests/xdgforeigntest.cpp
Examining data/kwayland-server-5.19.5/src/compat/wayland-xdg-shell-v5-client-protocol.h
Examining data/kwayland-server-5.19.5/src/compat/wayland-xdg-shell-v5-protocol.c
Examining data/kwayland-server-5.19.5/src/compat/wayland-xdg-shell-v5-server-protocol.h
Examining data/kwayland-server-5.19.5/src/server/server_decoration_palette_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/idle_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/textinput_interface_v0.cpp
Examining data/kwayland-server-5.19.5/src/server/compositor_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/textinput_interface_v2.cpp
Examining data/kwayland-server-5.19.5/src/server/pointerconstraints_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/slide_interface.h
Examining data/kwayland-server-5.19.5/src/server/xdgshell_v5_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/filtered_display.h
Examining data/kwayland-server-5.19.5/src/server/server_decoration_interface.h
Examining data/kwayland-server-5.19.5/src/server/surface_interface.h
Examining data/kwayland-server-5.19.5/src/server/pointerconstraints_interface_v1.cpp
Examining data/kwayland-server-5.19.5/src/server/contrast_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/surface_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/datadevice_interface.h
Examining data/kwayland-server-5.19.5/src/server/linuxdmabuf_v1_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/xdgshell_stable_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/xdgforeign_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/pointerconstraints_interface.h
Examining data/kwayland-server-5.19.5/src/server/global_p.h
Examining data/kwayland-server-5.19.5/src/server/outputconfiguration_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/outputmanagement_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/seat_interface.h
Examining data/kwayland-server-5.19.5/src/server/outputdevice_interface.h
Examining data/kwayland-server-5.19.5/src/server/dataoffer_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/relativepointer_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/xdgshell_v6_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/contrast_interface.h
Examining data/kwayland-server-5.19.5/src/server/plasmashell_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/plasmawindowmanagement_interface.h
Examining data/kwayland-server-5.19.5/src/server/datasource_interface.h
Examining data/kwayland-server-5.19.5/src/server/xdgshell_v6_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/remote_access_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/output_interface.h
Examining data/kwayland-server-5.19.5/src/server/textinput_interface.h
Examining data/kwayland-server-5.19.5/src/server/plasmavirtualdesktop_interface.h
Examining data/kwayland-server-5.19.5/src/server/blur_interface.h
Examining data/kwayland-server-5.19.5/src/server/relativepointer_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/dpms_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/dpms_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/keystate_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/outputchangeset.h
Examining data/kwayland-server-5.19.5/src/server/filtered_display.cpp
Examining data/kwayland-server-5.19.5/src/server/region_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/datadevice_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/display.cpp
Examining data/kwayland-server-5.19.5/src/server/appmenu_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/dataoffer_interface.h
Examining data/kwayland-server-5.19.5/src/server/plasmashell_interface.h
Examining data/kwayland-server-5.19.5/src/server/plasmavirtualdesktop_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/resource_p.h
Examining data/kwayland-server-5.19.5/src/server/xdgshell_interface.h
Examining data/kwayland-server-5.19.5/src/server/output_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/seat_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/eglstream_controller_interface.h
Examining data/kwayland-server-5.19.5/src/server/linuxdmabuf_v1_interface.h
Examining data/kwayland-server-5.19.5/src/server/outputmanagement_interface.h
Examining data/kwayland-server-5.19.5/src/server/xdgshell_v5_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/keyboard_interface.h
Examining data/kwayland-server-5.19.5/src/server/xdgshell_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/xdgforeign_v2_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/dataoffer_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/pointer_interface.h
Examining data/kwayland-server-5.19.5/src/server/fakeinput_interface.h
Examining data/kwayland-server-5.19.5/src/server/pointerconstraints_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/compositor_interface.h
Examining data/kwayland-server-5.19.5/src/server/slide_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/surface_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/pointergestures_interface.h
Examining data/kwayland-server-5.19.5/src/server/relativepointer_interface_v1.cpp
Examining data/kwayland-server-5.19.5/src/server/datasource_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/textinput_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/eglstream_controller_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/global.cpp
Examining data/kwayland-server-5.19.5/src/server/touch_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/outputchangeset_p.h
Examining data/kwayland-server-5.19.5/src/server/buffer_interface.h
Examining data/kwayland-server-5.19.5/src/server/server_decoration_palette_interface.h
Examining data/kwayland-server-5.19.5/src/server/appmenu_interface.h
Examining data/kwayland-server-5.19.5/src/server/dpms_interface.h
Examining data/kwayland-server-5.19.5/src/server/pointergestures_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/pointergestures_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/subsurface_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/idleinhibit_interface.h
Examining data/kwayland-server-5.19.5/src/server/drm_fourcc.h
Examining data/kwayland-server-5.19.5/src/server/blur_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/shadow_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/outputconfiguration_interface.h
Examining data/kwayland-server-5.19.5/src/server/buffer_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/shell_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/xdgforeign_v2_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/xdgoutput_interface.h
Examining data/kwayland-server-5.19.5/src/server/pointer_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/surfacerole_p.h
Examining data/kwayland-server-5.19.5/src/server/qtsurfaceextension_interface.h
Examining data/kwayland-server-5.19.5/src/server/global.h
Examining data/kwayland-server-5.19.5/src/server/server_decoration_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/touch_interface.h
Examining data/kwayland-server-5.19.5/src/server/keyboard_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/surfacerole.cpp
Examining data/kwayland-server-5.19.5/src/server/xdgshell_stable_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/plasmawindowmanagement_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/region_interface.h
Examining data/kwayland-server-5.19.5/src/server/xdgdecoration_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/tablet_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/remote_access_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/xdgforeign_interface.h
Examining data/kwayland-server-5.19.5/src/server/datadevicemanager_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/outputdevice_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/resource.cpp
Examining data/kwayland-server-5.19.5/src/server/subcompositor_interface.h
Examining data/kwayland-server-5.19.5/src/server/pointer_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/xdgoutput_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/outputchangeset.cpp
Examining data/kwayland-server-5.19.5/src/server/shadow_interface.h
Examining data/kwayland-server-5.19.5/src/server/qtsurfaceextension_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/idleinhibit_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/datadevicemanager_interface.h
Examining data/kwayland-server-5.19.5/src/server/idleinhibit_interface_v1.cpp
Examining data/kwayland-server-5.19.5/src/server/tablet_interface.h
Examining data/kwayland-server-5.19.5/src/server/resource.h
Examining data/kwayland-server-5.19.5/src/server/relativepointer_interface.h
Examining data/kwayland-server-5.19.5/src/server/seat_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/remote_access_interface.h
Examining data/kwayland-server-5.19.5/src/server/xdgdecoration_interface.h
Examining data/kwayland-server-5.19.5/src/server/keystate_interface.h
Examining data/kwayland-server-5.19.5/src/server/display.h
Examining data/kwayland-server-5.19.5/src/server/shell_interface.h
Examining data/kwayland-server-5.19.5/src/server/keyboard_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/eglstream_controller_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/subcompositor_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/pointergestures_interface_v1.cpp
Examining data/kwayland-server-5.19.5/src/server/clientconnection.h
Examining data/kwayland-server-5.19.5/src/server/generic_shell_surface_p.h
Examining data/kwayland-server-5.19.5/src/server/textinput_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/idleinhibit_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/clientconnection.cpp
Examining data/kwayland-server-5.19.5/src/server/xdgshell_interface_p.h
Examining data/kwayland-server-5.19.5/src/server/fakeinput_interface.cpp
Examining data/kwayland-server-5.19.5/src/server/idle_interface.h

FINAL RESULTS:

data/kwayland-server-5.19.5/tests/renderingservertest.cpp:46:9:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        execlp(process.constData(), process.constData(), "-displayfd", fdbuf, "-rootless", (char *)nullptr);
data/kwayland-server-5.19.5/tests/waylandservertest.cpp:37:9:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        execlp(process.constData(), process.constData(), "-displayfd", fdbuf, (char *)nullptr);
data/kwayland-server-5.19.5/autotests/client/test_datasource.cpp:223:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    QVERIFY(file.open());
data/kwayland-server-5.19.5/autotests/client/test_datasource.cpp:233:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    QVERIFY(writeFile.open(sendRequestedSpy.first().last().value<qint32>(), QFile::WriteOnly, QFileDevice::AutoCloseHandle));
data/kwayland-server-5.19.5/autotests/client/test_remote_access.cpp:197:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    tmpFile->open();
data/kwayland-server-5.19.5/autotests/client/test_remote_access.cpp:247:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    tmpFile->open();
data/kwayland-server-5.19.5/autotests/client/test_remote_access.cpp:333:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    tmpFile1->open();
data/kwayland-server-5.19.5/autotests/client/test_remote_access.cpp:337:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    tmpFile2->open();
data/kwayland-server-5.19.5/autotests/client/test_remote_access.cpp:414:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    tmpFile->open();
data/kwayland-server-5.19.5/autotests/client/test_remote_access.cpp:449:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    tmpFile->open();
data/kwayland-server-5.19.5/autotests/client/test_wayland_seat.cpp:2415:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    QVERIFY(file.open(fd, QIODevice::ReadOnly));
data/kwayland-server-5.19.5/autotests/client/test_wayland_seat.cpp:2428:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    QVERIFY(file.open(fd, QIODevice::ReadWrite));address = reinterpret_cast<char*>(file.map(0, keymapChangedSpy.first().last().value<quint32>()));
data/kwayland-server-5.19.5/autotests/client/test_wayland_seat.cpp:2449:24:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    QVERIFY(serverFile.open());
data/kwayland-server-5.19.5/autotests/client/test_wayland_seat.cpp:2463:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    QVERIFY(file.open(fd, QIODevice::ReadOnly));
data/kwayland-server-5.19.5/autotests/client/test_wayland_seat.cpp:2477:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    QVERIFY(file2.open(fd2, QIODevice::ReadWrite));
data/kwayland-server-5.19.5/src/server/keyboard_interface.cpp:82:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!tmp->open()) {
data/kwayland-server-5.19.5/src/server/outputdevice_interface.cpp:419:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s, origin.data(), memLength);
data/kwayland-server-5.19.5/src/server/plasmawindowmanagement_interface.cpp:173:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(s, stackingOrder.data(), memLength);
data/kwayland-server-5.19.5/src/server/plasmawindowmanagement_interface.cpp:480:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            file.open(fd, QIODevice::WriteOnly, QFileDevice::AutoCloseHandle);
data/kwayland-server-5.19.5/src/server/seat_interface.cpp:1161:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!file.open(fd, QIODevice::ReadOnly)) {
data/kwayland-server-5.19.5/tests/copyclient.cpp:169:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (c.open(fd, QFile::WriteOnly, QFile::AutoCloseHandle)) {
data/kwayland-server-5.19.5/tests/pasteclient.cpp:154:42:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                            if (readPipe.open(pipeFds[0], QIODevice::ReadOnly)) {
data/kwayland-server-5.19.5/tests/renderingservertest.cpp:44:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char fdbuf[16];
data/kwayland-server-5.19.5/tests/renderingservertest.cpp:45:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(fdbuf, "%d", pipeFds[1]);
data/kwayland-server-5.19.5/tests/renderingservertest.cpp:59:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!readPipe.open(pipe, QIODevice::ReadOnly)) {
data/kwayland-server-5.19.5/tests/waylandservertest.cpp:35:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char fdbuf[16];
data/kwayland-server-5.19.5/tests/waylandservertest.cpp:36:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(fdbuf, "%d", pipeFds[1]);
data/kwayland-server-5.19.5/tests/waylandservertest.cpp:50:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!readPipe.open(pipe, QIODevice::ReadOnly)) {
data/kwayland-server-5.19.5/src/server/filtered_display.cpp:27:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        auto name = QByteArray::fromRawData(interface->name, strlen(interface->name));

ANALYSIS SUMMARY:

Hits = 29
Lines analyzed = 57391 in approximately 1.38 seconds (41592 lines/second)
Physical Source Lines of Code (SLOC) = 41701
Hits@level = [0]   0 [1]   1 [2]  26 [3]   0 [4]   2 [5]   0
Hits@level+ = [0+]  29 [1+]  29 [2+]  28 [3+]   2 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 0.695427 [1+] 0.695427 [2+] 0.671447 [3+] 0.0479605 [4+] 0.0479605 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.