Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libkf5calendarsupport-20.08.2/src/urihandler.h
Examining data/libkf5calendarsupport-20.08.2/src/messagewidget.h
Examining data/libkf5calendarsupport-20.08.2/src/messagewidget.cpp
Examining data/libkf5calendarsupport-20.08.2/src/cellitem.h
Examining data/libkf5calendarsupport-20.08.2/src/tagcache.h
Examining data/libkf5calendarsupport-20.08.2/src/autotests/noteeditdialogtest.h
Examining data/libkf5calendarsupport-20.08.2/src/autotests/noteeditdialogtest.cpp
Examining data/libkf5calendarsupport-20.08.2/src/kdatepickerpopup.cpp
Examining data/libkf5calendarsupport-20.08.2/src/archivedialog.cpp
Examining data/libkf5calendarsupport-20.08.2/src/calendarsingleton.cpp
Examining data/libkf5calendarsupport-20.08.2/src/archivedialog.h
Examining data/libkf5calendarsupport-20.08.2/src/calendarutils.h
Examining data/libkf5calendarsupport-20.08.2/src/utils.h
Examining data/libkf5calendarsupport-20.08.2/src/kdatepickerpopup.h
Examining data/libkf5calendarsupport-20.08.2/src/plugin.cpp
Examining data/libkf5calendarsupport-20.08.2/src/kcalprefs.cpp
Examining data/libkf5calendarsupport-20.08.2/src/eventarchiver.cpp
Examining data/libkf5calendarsupport-20.08.2/src/collectionselection.h
Examining data/libkf5calendarsupport-20.08.2/src/identitymanager.cpp
Examining data/libkf5calendarsupport-20.08.2/src/noteeditdialog.cpp
Examining data/libkf5calendarsupport-20.08.2/src/urihandler.cpp
Examining data/libkf5calendarsupport-20.08.2/src/incidenceattachmentmodel.cpp
Examining data/libkf5calendarsupport-20.08.2/src/incidenceattachmentmodel.h
Examining data/libkf5calendarsupport-20.08.2/src/categoryhierarchyreader.cpp
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/freebusyitemmodel.h
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/autotests/modeltest.cpp
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/autotests/testfreebusyitemmodel.cpp
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/autotests/testfreebusyitemmodel.h
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/autotests/testfreeperiodmodel.cpp
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/autotests/testfreeperiodmodel.h
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/autotests/modeltest.h
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/freeperiodmodel.cpp
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/freebusyitem.h
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/freebusyitem.cpp
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/freebusycalendar.h
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/freebusycalendar.cpp
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/freeperiodmodel.h
Examining data/libkf5calendarsupport-20.08.2/src/freebusymodel/freebusyitemmodel.cpp
Examining data/libkf5calendarsupport-20.08.2/src/calendarsingleton.h
Examining data/libkf5calendarsupport-20.08.2/src/utils.cpp
Examining data/libkf5calendarsupport-20.08.2/src/next/incidenceviewer.h
Examining data/libkf5calendarsupport-20.08.2/src/next/incidenceviewer_p.h
Examining data/libkf5calendarsupport-20.08.2/src/next/incidenceviewer.cpp
Examining data/libkf5calendarsupport-20.08.2/src/kcalprefs.h
Examining data/libkf5calendarsupport-20.08.2/src/categoryconfig.cpp
Examining data/libkf5calendarsupport-20.08.2/src/calendarutils.cpp
Examining data/libkf5calendarsupport-20.08.2/src/eventarchiver.h
Examining data/libkf5calendarsupport-20.08.2/src/categoryhierarchyreader.h
Examining data/libkf5calendarsupport-20.08.2/src/tagcache.cpp
Examining data/libkf5calendarsupport-20.08.2/src/collectionselection.cpp
Examining data/libkf5calendarsupport-20.08.2/src/attachmenthandler.cpp
Examining data/libkf5calendarsupport-20.08.2/src/categoryconfig.h
Examining data/libkf5calendarsupport-20.08.2/src/attachmenthandler.h
Examining data/libkf5calendarsupport-20.08.2/src/plugin.h
Examining data/libkf5calendarsupport-20.08.2/src/cellitem.cpp
Examining data/libkf5calendarsupport-20.08.2/src/printing/journalprint.cpp
Examining data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.h
Examining data/libkf5calendarsupport-20.08.2/src/printing/calprinter.h
Examining data/libkf5calendarsupport-20.08.2/src/printing/whatsnext/whatsnextprint.h
Examining data/libkf5calendarsupport-20.08.2/src/printing/whatsnext/whatsnextprint.cpp
Examining data/libkf5calendarsupport-20.08.2/src/printing/calprintdefaultplugins.h
Examining data/libkf5calendarsupport-20.08.2/src/printing/yearprint.h
Examining data/libkf5calendarsupport-20.08.2/src/printing/calprintdefaultplugins.cpp
Examining data/libkf5calendarsupport-20.08.2/src/printing/calprinter.cpp
Examining data/libkf5calendarsupport-20.08.2/src/printing/printplugin.h
Examining data/libkf5calendarsupport-20.08.2/src/printing/journalprint.h
Examining data/libkf5calendarsupport-20.08.2/src/printing/itemlist/itemlistprint.h
Examining data/libkf5calendarsupport-20.08.2/src/printing/itemlist/itemlistprint.cpp
Examining data/libkf5calendarsupport-20.08.2/src/printing/yearprint.cpp
Examining data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp
Examining data/libkf5calendarsupport-20.08.2/src/identitymanager.h
Examining data/libkf5calendarsupport-20.08.2/src/noteeditdialog.h
FINAL RESULTS:
data/libkf5calendarsupport-20.08.2/src/eventarchiver.cpp:141:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(limitDate,
data/libkf5calendarsupport-20.08.2/src/eventarchiver.cpp:173:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(limitDate, QLocale::ShortFormat)),
data/libkf5calendarsupport-20.08.2/src/freebusymodel/freeperiodmodel.cpp:145:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subs(QLocale::system().dayName(startDate.dayOfWeek(), QLocale::LongFormat)).toString();
data/libkf5calendarsupport-20.08.2/src/freebusymodel/freeperiodmodel.cpp:154:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
= QLocale::system().toString(period.start().time(), QLocale::ShortFormat);
data/libkf5calendarsupport-20.08.2/src/freebusymodel/freeperiodmodel.cpp:155:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const QString endTime = QLocale::system().toString(period.end().time(), QLocale::ShortFormat);
data/libkf5calendarsupport-20.08.2/src/freebusymodel/freeperiodmodel.cpp:156:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const QString longMonthName = QLocale::system().monthName(startDate.month());
data/libkf5calendarsupport-20.08.2/src/freebusymodel/freeperiodmodel.cpp:175:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
= QLocale::system().monthName(startDate.month(), QLocale::LongFormat);
data/libkf5calendarsupport-20.08.2/src/freebusymodel/freeperiodmodel.cpp:176:40: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const QString dayofWeek = QLocale::system().dayName(startDate.dayOfWeek(), QLocale::LongFormat);
data/libkf5calendarsupport-20.08.2/src/printing/calprintdefaultplugins.cpp:323:50: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
exceptString.append(QLocale::system().toString(recurs->exDates().at(i),
data/libkf5calendarsupport-20.08.2/src/printing/calprintdefaultplugins.cpp:812:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
auto local = QLocale::system();
data/libkf5calendarsupport-20.08.2/src/printing/calprintdefaultplugins.cpp:1102:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
auto local = QLocale::system();
data/libkf5calendarsupport-20.08.2/src/printing/calprintdefaultplugins.cpp:1345:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().monthName(curMonth.month()),
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:645:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QString dateStr = QLocale::system().toString(QDateTime::currentDateTime(), QLocale::LongFormat);
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:671:68: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
p.drawText(titleBox, Qt::AlignTop | Qt::AlignHCenter, QLocale::system().monthName(month));
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:679:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QString tmpStr = QLocale::system().dayName(monthDate2.dayOfWeek())[0].toUpper();
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:728:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
drawSubHeaderBox(p, QLocale::system().dayName(qd.dayOfWeek()), box);
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:778:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
numStr = QLocale::system().toString(time, QLocale::ShortFormat);
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:1005:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(item->start().time(), QLocale::ShortFormat),
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:1006:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(item->end().time(), QLocale::ShortFormat),
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:1011:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(item->start().time(), QLocale::ShortFormat),
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:1012:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().toString(item->end().time(), QLocale::ShortFormat),
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:1048:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const auto local = QLocale::system();
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:1065:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().dayName(qd.dayOfWeek()),
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:1066:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QLocale::system().monthName(qd.month(), QLocale::ShortFormat),
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:1501:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
drawSubHeaderBox(p, QLocale::system().monthName(dt.month()), subheaderBox);
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:1824:33: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const auto local = QLocale::system();
data/libkf5calendarsupport-20.08.2/src/printing/calprintpluginbase.cpp:2053:31: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
QString dateText(QLocale::system().toString(journal->dtStart().toLocalTime().date(),
data/libkf5calendarsupport-20.08.2/src/printing/yearprint.cpp:117:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
auto locale = QLocale::system();
data/libkf5calendarsupport-20.08.2/src/attachmenthandler.cpp:160:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
s_tempFile->open();
data/libkf5calendarsupport-20.08.2/src/eventarchiver.cpp:201:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmpFile.open();
data/libkf5calendarsupport-20.08.2/src/categoryhierarchyreader.cpp:56:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void CategoryHierarchyReader::read(const QStringList &categories)
data/libkf5calendarsupport-20.08.2/src/categoryhierarchyreader.h:35:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(const QStringList &categories);
ANALYSIS SUMMARY:
Hits = 32
Lines analyzed = 15248 in approximately 0.45 seconds (33650 lines/second)
Physical Source Lines of Code (SLOC) = 10282
Hits@level = [0] 0 [1] 2 [2] 2 [3] 0 [4] 28 [5] 0
Hits@level+ = [0+] 32 [1+] 32 [2+] 30 [3+] 28 [4+] 28 [5+] 0
Hits/KSLOC@level+ = [0+] 3.11223 [1+] 3.11223 [2+] 2.91772 [3+] 2.72321 [4+] 2.72321 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.