Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/latte-dock-0.9.11/app/infoview.h
Examining data/latte-dock-0.9.11/app/wm/schemecolors.cpp
Examining data/latte-dock-0.9.11/app/wm/xwindowinterface.h
Examining data/latte-dock-0.9.11/app/wm/xwindowinterface.cpp
Examining data/latte-dock-0.9.11/app/wm/tasktools.h
Examining data/latte-dock-0.9.11/app/wm/windowinfowrap.cpp
Examining data/latte-dock-0.9.11/app/wm/tasktools.cpp
Examining data/latte-dock-0.9.11/app/wm/schemecolors.h
Examining data/latte-dock-0.9.11/app/wm/abstractwindowinterface.cpp
Examining data/latte-dock-0.9.11/app/wm/tracker/windowstracker.h
Examining data/latte-dock-0.9.11/app/wm/tracker/schemes.h
Examining data/latte-dock-0.9.11/app/wm/tracker/schemes.cpp
Examining data/latte-dock-0.9.11/app/wm/tracker/trackedlayoutinfo.cpp
Examining data/latte-dock-0.9.11/app/wm/tracker/trackedgeneralinfo.cpp
Examining data/latte-dock-0.9.11/app/wm/tracker/lastactivewindow.cpp
Examining data/latte-dock-0.9.11/app/wm/tracker/trackedgeneralinfo.h
Examining data/latte-dock-0.9.11/app/wm/tracker/trackedlayoutinfo.h
Examining data/latte-dock-0.9.11/app/wm/tracker/trackedviewinfo.cpp
Examining data/latte-dock-0.9.11/app/wm/tracker/lastactivewindow.h
Examining data/latte-dock-0.9.11/app/wm/tracker/windowstracker.cpp
Examining data/latte-dock-0.9.11/app/wm/tracker/trackedviewinfo.h
Examining data/latte-dock-0.9.11/app/wm/waylandinterface.cpp
Examining data/latte-dock-0.9.11/app/wm/abstractwindowinterface.h
Examining data/latte-dock-0.9.11/app/wm/windowinfowrap.h
Examining data/latte-dock-0.9.11/app/wm/waylandinterface.h
Examining data/latte-dock-0.9.11/app/alternativeshelper.h
Examining data/latte-dock-0.9.11/app/screenpool.cpp
Examining data/latte-dock-0.9.11/app/alternativeshelper.cpp
Examining data/latte-dock-0.9.11/app/packageplugins/indicator/indicatorpackage.cpp
Examining data/latte-dock-0.9.11/app/packageplugins/indicator/indicatorpackage.h
Examining data/latte-dock-0.9.11/app/layout/storage.cpp
Examining data/latte-dock-0.9.11/app/layout/abstractlayout.cpp
Examining data/latte-dock-0.9.11/app/layout/sharedlayout.h
Examining data/latte-dock-0.9.11/app/layout/centrallayout.h
Examining data/latte-dock-0.9.11/app/layout/sharedlayout.cpp
Examining data/latte-dock-0.9.11/app/layout/storage.h
Examining data/latte-dock-0.9.11/app/layout/genericlayout.cpp
Examining data/latte-dock-0.9.11/app/layout/abstractlayout.h
Examining data/latte-dock-0.9.11/app/layout/genericlayout.h
Examining data/latte-dock-0.9.11/app/layout/centrallayout.cpp
Examining data/latte-dock-0.9.11/app/infoview.cpp
Examining data/latte-dock-0.9.11/app/lattecorona.cpp
Examining data/latte-dock-0.9.11/app/indicator/factory.h
Examining data/latte-dock-0.9.11/app/indicator/factory.cpp
Examining data/latte-dock-0.9.11/app/lattecorona.h
Examining data/latte-dock-0.9.11/app/main.cpp
Examining data/latte-dock-0.9.11/app/shortcuts/modifiertracker.h
Examining data/latte-dock-0.9.11/app/shortcuts/globalshortcuts.h
Examining data/latte-dock-0.9.11/app/shortcuts/shortcutstracker.cpp
Examining data/latte-dock-0.9.11/app/shortcuts/shortcutstracker.h
Examining data/latte-dock-0.9.11/app/shortcuts/globalshortcuts.cpp
Examining data/latte-dock-0.9.11/app/shortcuts/modifiertracker.cpp
Examining data/latte-dock-0.9.11/app/view/contextmenu.h
Examining data/latte-dock-0.9.11/app/view/screenedgeghostwindow.h
Examining data/latte-dock-0.9.11/app/view/view.cpp
Examining data/latte-dock-0.9.11/app/view/effects.cpp
Examining data/latte-dock-0.9.11/app/view/positioner.h
Examining data/latte-dock-0.9.11/app/view/panelshadows.cpp
Examining data/latte-dock-0.9.11/app/view/visibilitymanager.cpp
Examining data/latte-dock-0.9.11/app/view/containmentinterface.h
Examining data/latte-dock-0.9.11/app/view/indicator/indicatorresources.cpp
Examining data/latte-dock-0.9.11/app/view/indicator/indicatorinfo.h
Examining data/latte-dock-0.9.11/app/view/indicator/indicator.h
Examining data/latte-dock-0.9.11/app/view/indicator/indicatorresources.h
Examining data/latte-dock-0.9.11/app/view/indicator/indicatorinfo.cpp
Examining data/latte-dock-0.9.11/app/view/indicator/indicator.cpp
Examining data/latte-dock-0.9.11/app/view/view.h
Examining data/latte-dock-0.9.11/app/view/containmentinterface.cpp
Examining data/latte-dock-0.9.11/app/view/visibilitymanager.h
Examining data/latte-dock-0.9.11/app/view/screenedgeghostwindow.cpp
Examining data/latte-dock-0.9.11/app/view/contextmenu.cpp
Examining data/latte-dock-0.9.11/app/view/windowstracker/allscreenstracker.h
Examining data/latte-dock-0.9.11/app/view/windowstracker/windowstracker.h
Examining data/latte-dock-0.9.11/app/view/windowstracker/currentscreentracker.h
Examining data/latte-dock-0.9.11/app/view/windowstracker/currentscreentracker.cpp
Examining data/latte-dock-0.9.11/app/view/windowstracker/allscreenstracker.cpp
Examining data/latte-dock-0.9.11/app/view/windowstracker/windowstracker.cpp
Examining data/latte-dock-0.9.11/app/view/positioner.cpp
Examining data/latte-dock-0.9.11/app/view/settings/primaryconfigview.h
Examining data/latte-dock-0.9.11/app/view/settings/secondaryconfigview.cpp
Examining data/latte-dock-0.9.11/app/view/settings/secondaryconfigview.h
Examining data/latte-dock-0.9.11/app/view/settings/primaryconfigview.cpp
Examining data/latte-dock-0.9.11/app/view/panelshadows_p.h
Examining data/latte-dock-0.9.11/app/view/effects.h
Examining data/latte-dock-0.9.11/app/layouts/manager.cpp
Examining data/latte-dock-0.9.11/app/layouts/manager.h
Examining data/latte-dock-0.9.11/app/layouts/importer.cpp
Examining data/latte-dock-0.9.11/app/layouts/launcherssignals.cpp
Examining data/latte-dock-0.9.11/app/layouts/importer.h
Examining data/latte-dock-0.9.11/app/layouts/synchronizer.cpp
Examining data/latte-dock-0.9.11/app/layouts/synchronizer.h
Examining data/latte-dock-0.9.11/app/layouts/launcherssignals.h
Examining data/latte-dock-0.9.11/app/settings/settingsdialog.cpp
Examining data/latte-dock-0.9.11/app/settings/universalsettings.cpp
Examining data/latte-dock-0.9.11/app/settings/tools/settingstools.h
Examining data/latte-dock-0.9.11/app/settings/tools/settingstools.cpp
Examining data/latte-dock-0.9.11/app/settings/delegates/colorcmbboxitemdelegate.h
Examining data/latte-dock-0.9.11/app/settings/delegates/colorcmbboxdelegate.h
Examining data/latte-dock-0.9.11/app/settings/delegates/colorcmbboxdelegate.cpp
Examining data/latte-dock-0.9.11/app/settings/delegates/checkboxdelegate.cpp
Examining data/latte-dock-0.9.11/app/settings/delegates/shareddelegate.h
Examining data/latte-dock-0.9.11/app/settings/delegates/activitiesdelegate.cpp
Examining data/latte-dock-0.9.11/app/settings/delegates/layoutnamedelegate.h
Examining data/latte-dock-0.9.11/app/settings/delegates/activitiesdelegate.h
Examining data/latte-dock-0.9.11/app/settings/delegates/layoutnamedelegate.cpp
Examining data/latte-dock-0.9.11/app/settings/delegates/persistentmenu.h
Examining data/latte-dock-0.9.11/app/settings/delegates/checkboxdelegate.h
Examining data/latte-dock-0.9.11/app/settings/delegates/persistentmenu.cpp
Examining data/latte-dock-0.9.11/app/settings/delegates/shareddelegate.cpp
Examining data/latte-dock-0.9.11/app/settings/delegates/colorcmbboxitemdelegate.cpp
Examining data/latte-dock-0.9.11/app/settings/settingsdialog.h
Examining data/latte-dock-0.9.11/app/settings/universalsettings.h
Examining data/latte-dock-0.9.11/app/package/lattepackage.cpp
Examining data/latte-dock-0.9.11/app/package/lattepackage.h
Examining data/latte-dock-0.9.11/app/plasma/quick/configview.h
Examining data/latte-dock-0.9.11/app/plasma/quick/containmentview.h
Examining data/latte-dock-0.9.11/app/plasma/quick/view.h
Examining data/latte-dock-0.9.11/app/plasma/extended/screenpool.cpp
Examining data/latte-dock-0.9.11/app/plasma/extended/theme.h
Examining data/latte-dock-0.9.11/app/plasma/extended/theme.cpp
Examining data/latte-dock-0.9.11/app/plasma/extended/screenpool.h
Examining data/latte-dock-0.9.11/app/screenpool.h
Examining data/latte-dock-0.9.11/containmentactions/contextmenu/menu.h
Examining data/latte-dock-0.9.11/containmentactions/contextmenu/menu.cpp
Examining data/latte-dock-0.9.11/liblatte2/quickwindowsystem.h
Examining data/latte-dock-0.9.11/liblatte2/latteplugin.cpp
Examining data/latte-dock-0.9.11/liblatte2/types.cpp
Examining data/latte-dock-0.9.11/liblatte2/iconitem.cpp
Examining data/latte-dock-0.9.11/liblatte2/iconitem.h
Examining data/latte-dock-0.9.11/liblatte2/types.h
Examining data/latte-dock-0.9.11/liblatte2/backgroundtracker.h
Examining data/latte-dock-0.9.11/liblatte2/commontools.h
Examining data/latte-dock-0.9.11/liblatte2/latteplugin.h
Examining data/latte-dock-0.9.11/liblatte2/extras.h
Examining data/latte-dock-0.9.11/liblatte2/commontools.cpp
Examining data/latte-dock-0.9.11/liblatte2/extras.cpp
Examining data/latte-dock-0.9.11/liblatte2/quickwindowsystem.cpp
Examining data/latte-dock-0.9.11/liblatte2/backgroundtracker.cpp
Examining data/latte-dock-0.9.11/liblatte2/plasma/extended/backgroundcache.cpp
Examining data/latte-dock-0.9.11/liblatte2/plasma/extended/screenpool.cpp
Examining data/latte-dock-0.9.11/liblatte2/plasma/extended/backgroundcache.h
Examining data/latte-dock-0.9.11/liblatte2/plasma/extended/screenpool.h
FINAL RESULTS:
data/latte-dock-0.9.11/app/indicator/factory.cpp:216:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
zipArchive->open(QIODevice::ReadOnly);
data/latte-dock-0.9.11/app/indicator/factory.cpp:223:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tarArchive->open(QIODevice::ReadOnly);
data/latte-dock-0.9.11/app/indicator/factory.cpp:312:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
msg->open();
data/latte-dock-0.9.11/app/layouts/importer.cpp:300:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
archive.open(QIODevice::ReadOnly);
data/latte-dock-0.9.11/app/layouts/importer.cpp:384:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!archive.open(QIODevice::WriteOnly)) {
data/latte-dock-0.9.11/app/layouts/importer.cpp:422:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
archive.open(QIODevice::ReadOnly);
data/latte-dock-0.9.11/app/layouts/importer.cpp:496:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
archive.open(QIODevice::ReadOnly);
data/latte-dock-0.9.11/app/layouts/manager.cpp:257:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
msg->open();
data/latte-dock-0.9.11/app/plasma/extended/theme.cpp:537:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (svgFile.open(QIODevice::ReadOnly)) {
data/latte-dock-0.9.11/app/settings/settingsdialog.cpp:603:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
msg->open();
data/latte-dock-0.9.11/app/settings/settingsdialog.cpp:634:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
msg->open();
data/latte-dock-0.9.11/app/settings/settingsdialog.cpp:638:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileDialog->open();
data/latte-dock-0.9.11/app/settings/settingsdialog.cpp:644:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
archive.open(QIODevice::ReadOnly);
data/latte-dock-0.9.11/app/settings/settingsdialog.cpp:781:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileDialog->open();
data/latte-dock-0.9.11/app/settings/settingsdialog.cpp:1093:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
msg->open();
data/latte-dock-0.9.11/app/settings/settingsdialog.cpp:1549:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
msg->open();
data/latte-dock-0.9.11/app/settings/settingsdialog.cpp:1573:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
msg->open();
data/latte-dock-0.9.11/app/settings/settingsdialog.cpp:1600:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
msg->open();
data/latte-dock-0.9.11/app/view/indicator/indicator.cpp:411:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileDialog->open();
ANALYSIS SUMMARY:
Hits = 19
Lines analyzed = 37457 in approximately 1.68 seconds (22311 lines/second)
Physical Source Lines of Code (SLOC) = 25084
Hits@level = [0] 0 [1] 0 [2] 19 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 19 [1+] 19 [2+] 19 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 0.757455 [1+] 0.757455 [2+] 0.757455 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.