Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccsvwriter.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocarticle.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocconjugation.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoctext.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocleitnerbox.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocexpression.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/sharedkvtmlfiles.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumenttest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerwordquiztest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/emptydocumenttest.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentvalidatortest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvoctexttest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvoctexttest.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readervokabelntest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerpaukertest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/emptydocumenttest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerTestHelpers.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerxdxftest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocidentifier.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoctranslation.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoclesson.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtmlwriter.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocwordtype.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/tests/converter.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/tests/sharedkvtmlfilestest.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocarticle.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocwordflags.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocpersonalpronoun.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/kvtml2defs.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoclesson.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtmlwriter.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtmlcompability.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtml2writer.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocexpression.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocmultiplechoice.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoctext.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/kvtmldefs.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccommon_p.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdeclension.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocpersonalpronoun.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocwordtype.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocmultiplechoice.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/sharedkvtmlfiles.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtml2writer.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocleitnerbox.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccsvwriter.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocidentifier.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdeclension.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtmlcompability.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoctranslation.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/failedreader.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/dummyreader.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocpaukerreader.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocpaukerreader.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/readermanager.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtmlreader.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtmlreader.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/readerbase.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocwqlreader.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvoccsvreader.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocxdxfreader.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/failedreader.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocvokabelnreader.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocvokabelnreader.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/dummyreader.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocxdxfreader.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/readermanager.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvoccsvreader.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocwqlreader.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocconjugation.h Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccontainer.cpp Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccontainer.h FINAL RESULTS: data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:65:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). this->open(); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:105:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int docError = doc1->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:112:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc2->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:118:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc3->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:130:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int docError = doc1->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:134:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc2->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:140:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc3->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:153:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int docError = doc1->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:157:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc2->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:161:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). doc1->open( tempfile2.fileName() ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:163:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc3->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:176:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int docError = doc1->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:180:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc2->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:189:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc3->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:202:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int docError = doc->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:203:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:215:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int docError = doc->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:229:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docRead.open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:240:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int docError = doc1->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:244:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc2->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:247:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc2->open(tempfile.fileName(), KEduVocDocument::FileIgnoreLock); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:263:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int docError = doc1->open(tempfile.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:267:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docError = doc2->open(tempfile2.fileName()); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumenttest.cpp:53:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!m_tempTestFile.open()) { data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumenttest.cpp:87:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). openResult = docKvtml.open(tmpTestFileUrl(), KEduVocDocument::FileOpenReadOnly); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumenttest.cpp:92:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). openResult = docCsv.open(tmpTestFileUrl(), KEduVocDocument::FileOpenReadOnly); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentvalidatortest.cpp:57:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). temp.open(); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentvalidatortest.cpp:79:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). docRead.open(fileName); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:55:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). this->open(QFile::WriteOnly ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:72:45: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). KEduVocDocument::ErrorCode errcode( doc.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling) ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:84:45: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). KEduVocDocument::ErrorCode errcode( doc.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling) ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:94:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QCOMPARE(doc.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling), KEduVocDocument::NoError); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:95:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QCOMPARE(doc.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling), KEduVocDocument::NoError); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:97:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QCOMPARE(doc2.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling), KEduVocDocument::FileLocked); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:100:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QCOMPARE(doc3.open(tempfile.fileName(), KEduVocDocument::FileIgnoreLock), KEduVocDocument::NoError); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:103:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QCOMPARE(doc2.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling), KEduVocDocument::NoError); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:113:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QCOMPARE( doc.open(tempfile.fileName() ), int( KEduVocDocument::FileTypeUnknown ) ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:120:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QCOMPARE( doc.open(tempfile.fileName() ), int( KEduVocDocument::FileReaderFailed ) ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:127:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). QCOMPARE( doc.open(tempfile.fileName() ), int( KEduVocDocument::NoError ) ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerTestHelpers.h:36:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). this->open(QFile::WriteOnly ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerTestHelpers.h:55:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). buffer->open( QIODevice::ReadOnly ); \ data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:159:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_buffer->open( QIODevice::ReadOnly ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:355:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). buffer->open(QIODevice::ReadOnly); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:405:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). buffer->open(QIODevice::ReadOnly); data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:177:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f->open( QIODevice::ReadWrite ); data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:188:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !autosave.open( QIODevice::ReadWrite ) ) { data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:220:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f.open(QIODevice::ReadOnly); data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:230:45: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). KEduVocDocument::ErrorCode KEduVocDocument::open(const QUrl &url, FileHandlingFlags flags) data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:249:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!tempFile.open()) { data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:275:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (f.open(QIODevice::ReadOnly)) { data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:352:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( !f.open( QIODevice::WriteOnly ) ) { data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.h:129:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ErrorCode open(const QUrl &url, FileHandlingFlags flags = FileDefaultHandling); data/libkeduvocdocument-20.04.3/keduvocdocument/sharedkvtmlfiles.cpp:90:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). doc->open( QUrl::fromLocalFile( this->m_fileList[i] ) ); data/libkeduvocdocument-20.04.3/keduvocdocument/sharedkvtmlfiles.cpp:169:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). doc.open( fileUrl ); data/libkeduvocdocument-20.04.3/keduvocdocument/tests/converter.cpp:62:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). document.open( infile ); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerTestHelpers.h:58:56: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode actualError(reader->read(docRead ) ); \ data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:359:50: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode errorCode(reader->read(testDoc)); data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:409:50: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode errorCode(reader->read(testDoc)); data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:278:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). errStatus = reader->read(*this); data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:316:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( tmp.path().right( strlen( "." KVTML_EXT ) ) == "." KVTML_EXT ) data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:318:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if ( tmp.path().right( strlen( "." CSV_EXT ) ) == "." CSV_EXT ) data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/dummyreader.cpp:82:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode DummyReader::read(KEduVocDocument &) { data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/dummyreader.h:82:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode read(KEduVocDocument & doc) Q_DECL_OVERRIDE; data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/failedreader.cpp:48:42: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode FailedReader::read(KEduVocDocument &) { data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/failedreader.h:62:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode read(KEduVocDocument & doc) Q_DECL_OVERRIDE; data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvoccsvreader.cpp:49:46: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode KEduVocCsvReader::read(KEduVocDocument & doc ) data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvoccsvreader.h:54:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode read(KEduVocDocument & doc ) Q_DECL_OVERRIDE; data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.cpp:59:49: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode KEduVocKvtml2Reader::read(KEduVocDocument &doc) data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.cpp:82:55: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode retval = oldFormat.read( doc ); data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.h:64:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode read(KEduVocDocument & doc ) Q_DECL_OVERRIDE; data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtmlreader.cpp:54:48: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode KEduVocKvtmlReader::read(KEduVocDocument &doc) data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtmlreader.h:64:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual KEduVocDocument::ErrorCode read(KEduVocDocument & doc ); data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocpaukerreader.cpp:55:49: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode KEduVocPaukerReader::read( KEduVocDocument &doc) data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocpaukerreader.h:55:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode read(KEduVocDocument & doc ) Q_DECL_OVERRIDE; data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocvokabelnreader.cpp:91:51: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode KEduVocVokabelnReader::read(KEduVocDocument & doc ) data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocvokabelnreader.h:56:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode read(KEduVocDocument & doc) Q_DECL_OVERRIDE; data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocwqlreader.cpp:48:46: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode KEduVocWqlReader::read(KEduVocDocument &doc) data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocwqlreader.h:56:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode read(KEduVocDocument & doc ) Q_DECL_OVERRIDE; data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocxdxfreader.cpp:52:47: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode KEduVocXdxfReader::read(KEduVocDocument &doc) data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocxdxfreader.h:55:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). KEduVocDocument::ErrorCode read(KEduVocDocument & doc) Q_DECL_OVERRIDE; data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/readerbase.h:56:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual KEduVocDocument::ErrorCode read(KEduVocDocument & doc) = 0; ANALYSIS SUMMARY: Hits = 81 Lines analyzed = 14983 in approximately 0.40 seconds (37227 lines/second) Physical Source Lines of Code (SLOC) = 8236 Hits@level = [0] 0 [1] 26 [2] 55 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 81 [1+] 81 [2+] 55 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 9.83487 [1+] 9.83487 [2+] 6.678 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.