Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccsvwriter.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocarticle.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocconjugation.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoctext.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocleitnerbox.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocexpression.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/sharedkvtmlfiles.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumenttest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerwordquiztest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/emptydocumenttest.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentvalidatortest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvoctexttest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvoctexttest.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readervokabelntest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerpaukertest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/emptydocumenttest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerTestHelpers.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerxdxftest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocidentifier.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoctranslation.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoclesson.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtmlwriter.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocwordtype.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/tests/converter.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/tests/sharedkvtmlfilestest.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocarticle.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocwordflags.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocpersonalpronoun.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/kvtml2defs.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoclesson.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtmlwriter.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtmlcompability.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtml2writer.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocexpression.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocmultiplechoice.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoctext.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/kvtmldefs.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccommon_p.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdeclension.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocpersonalpronoun.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocwordtype.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocmultiplechoice.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/sharedkvtmlfiles.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtml2writer.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocleitnerbox.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccsvwriter.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocidentifier.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdeclension.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvockvtmlcompability.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoctranslation.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/failedreader.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/dummyreader.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocpaukerreader.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocpaukerreader.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/readermanager.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtmlreader.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtmlreader.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/readerbase.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocwqlreader.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvoccsvreader.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocxdxfreader.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/failedreader.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocvokabelnreader.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocvokabelnreader.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/dummyreader.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocxdxfreader.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/readermanager.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvoccsvreader.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocwqlreader.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocconjugation.h
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccontainer.cpp
Examining data/libkeduvocdocument-20.04.3/keduvocdocument/keduvoccontainer.h
FINAL RESULTS:
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:65:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->open();
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:105:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int docError = doc1->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:112:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc2->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:118:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc3->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:130:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int docError = doc1->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:134:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc2->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:140:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc3->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:153:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int docError = doc1->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:157:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc2->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:161:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
doc1->open( tempfile2.fileName() );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:163:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc3->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:176:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int docError = doc1->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:180:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc2->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:189:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc3->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:202:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int docError = doc->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:203:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:215:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int docError = doc->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:229:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docRead.open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:240:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int docError = doc1->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:244:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc2->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:247:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc2->open(tempfile.fileName(), KEduVocDocument::FileIgnoreLock);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:263:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int docError = doc1->open(tempfile.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentfilelockingtest.cpp:267:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docError = doc2->open(tempfile2.fileName());
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumenttest.cpp:53:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!m_tempTestFile.open()) {
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumenttest.cpp:87:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
openResult = docKvtml.open(tmpTestFileUrl(), KEduVocDocument::FileOpenReadOnly);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumenttest.cpp:92:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
openResult = docCsv.open(tmpTestFileUrl(), KEduVocDocument::FileOpenReadOnly);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentvalidatortest.cpp:57:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
temp.open();
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/keduvocdocumentvalidatortest.cpp:79:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
docRead.open(fileName);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:55:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->open(QFile::WriteOnly );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:72:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
KEduVocDocument::ErrorCode errcode( doc.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling) );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:84:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
KEduVocDocument::ErrorCode errcode( doc.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling) );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:94:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCOMPARE(doc.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling), KEduVocDocument::NoError);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:95:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCOMPARE(doc.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling), KEduVocDocument::NoError);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:97:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCOMPARE(doc2.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling), KEduVocDocument::FileLocked);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:100:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCOMPARE(doc3.open(tempfile.fileName(), KEduVocDocument::FileIgnoreLock), KEduVocDocument::NoError);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:103:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCOMPARE(doc2.open(tempfile.fileName(), KEduVocDocument::FileDefaultHandling), KEduVocDocument::NoError);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:113:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCOMPARE( doc.open(tempfile.fileName() ), int( KEduVocDocument::FileTypeUnknown ) );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:120:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCOMPARE( doc.open(tempfile.fileName() ), int( KEduVocDocument::FileReaderFailed ) );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/openAPItest.cpp:127:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QCOMPARE( doc.open(tempfile.fileName() ), int( KEduVocDocument::NoError ) );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerTestHelpers.h:36:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->open(QFile::WriteOnly );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerTestHelpers.h:55:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer->open( QIODevice::ReadOnly ); \
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:159:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_buffer->open( QIODevice::ReadOnly );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:355:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer->open(QIODevice::ReadOnly);
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:405:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
buffer->open(QIODevice::ReadOnly);
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:177:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f->open( QIODevice::ReadWrite );
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:188:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !autosave.open( QIODevice::ReadWrite ) ) {
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:220:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::ReadOnly);
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:230:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
KEduVocDocument::ErrorCode KEduVocDocument::open(const QUrl &url, FileHandlingFlags flags)
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:249:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!tempFile.open()) {
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:275:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (f.open(QIODevice::ReadOnly)) {
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:352:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( !f.open( QIODevice::WriteOnly ) ) {
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.h:129:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ErrorCode open(const QUrl &url, FileHandlingFlags flags = FileDefaultHandling);
data/libkeduvocdocument-20.04.3/keduvocdocument/sharedkvtmlfiles.cpp:90:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
doc->open( QUrl::fromLocalFile( this->m_fileList[i] ) );
data/libkeduvocdocument-20.04.3/keduvocdocument/sharedkvtmlfiles.cpp:169:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
doc.open( fileUrl );
data/libkeduvocdocument-20.04.3/keduvocdocument/tests/converter.cpp:62:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
document.open( infile );
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerTestHelpers.h:58:56: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode actualError(reader->read(docRead ) ); \
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:359:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode errorCode(reader->read(testDoc));
data/libkeduvocdocument-20.04.3/keduvocdocument/autotests/readerkvtml2test.cpp:409:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode errorCode(reader->read(testDoc));
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:278:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
errStatus = reader->read(*this);
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:316:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( tmp.path().right( strlen( "." KVTML_EXT ) ) == "." KVTML_EXT )
data/libkeduvocdocument-20.04.3/keduvocdocument/keduvocdocument.cpp:318:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( tmp.path().right( strlen( "." CSV_EXT ) ) == "." CSV_EXT )
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/dummyreader.cpp:82:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode DummyReader::read(KEduVocDocument &) {
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/dummyreader.h:82:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode read(KEduVocDocument & doc) Q_DECL_OVERRIDE;
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/failedreader.cpp:48:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode FailedReader::read(KEduVocDocument &) {
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/failedreader.h:62:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode read(KEduVocDocument & doc) Q_DECL_OVERRIDE;
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvoccsvreader.cpp:49:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode KEduVocCsvReader::read(KEduVocDocument & doc )
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvoccsvreader.h:54:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode read(KEduVocDocument & doc ) Q_DECL_OVERRIDE;
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.cpp:59:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode KEduVocKvtml2Reader::read(KEduVocDocument &doc)
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.cpp:82:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode retval = oldFormat.read( doc );
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtml2reader.h:64:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode read(KEduVocDocument & doc ) Q_DECL_OVERRIDE;
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtmlreader.cpp:54:48: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode KEduVocKvtmlReader::read(KEduVocDocument &doc)
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvockvtmlreader.h:64:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual KEduVocDocument::ErrorCode read(KEduVocDocument & doc );
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocpaukerreader.cpp:55:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode KEduVocPaukerReader::read( KEduVocDocument &doc)
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocpaukerreader.h:55:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode read(KEduVocDocument & doc ) Q_DECL_OVERRIDE;
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocvokabelnreader.cpp:91:51: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode KEduVocVokabelnReader::read(KEduVocDocument & doc )
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocvokabelnreader.h:56:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode read(KEduVocDocument & doc) Q_DECL_OVERRIDE;
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocwqlreader.cpp:48:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode KEduVocWqlReader::read(KEduVocDocument &doc)
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocwqlreader.h:56:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode read(KEduVocDocument & doc ) Q_DECL_OVERRIDE;
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocxdxfreader.cpp:52:47: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode KEduVocXdxfReader::read(KEduVocDocument &doc)
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/keduvocxdxfreader.h:55:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
KEduVocDocument::ErrorCode read(KEduVocDocument & doc) Q_DECL_OVERRIDE;
data/libkeduvocdocument-20.04.3/keduvocdocument/readerwriters/readerbase.h:56:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual KEduVocDocument::ErrorCode read(KEduVocDocument & doc) = 0;
ANALYSIS SUMMARY:
Hits = 81
Lines analyzed = 14983 in approximately 0.40 seconds (37227 lines/second)
Physical Source Lines of Code (SLOC) = 8236
Hits@level = [0] 0 [1] 26 [2] 55 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 81 [1+] 81 [2+] 55 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 9.83487 [1+] 9.83487 [2+] 6.678 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.