Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libkf5incidenceeditor-20.08.2/autotests/testindividualmaildialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/autotests/modeltest.cpp
Examining data/libkf5incidenceeditor-20.08.2/autotests/testfreebusyganttproxymodel.h
Examining data/libkf5incidenceeditor-20.08.2/autotests/testfreebusyganttproxymodel.cpp
Examining data/libkf5incidenceeditor-20.08.2/autotests/ktimezonecomboboxtest.cpp
Examining data/libkf5incidenceeditor-20.08.2/autotests/ktimezonecomboboxtest.h
Examining data/libkf5incidenceeditor-20.08.2/autotests/conflictresolvertest.cpp
Examining data/libkf5incidenceeditor-20.08.2/autotests/modeltest.h
Examining data/libkf5incidenceeditor-20.08.2/autotests/conflictresolvertest.h
Examining data/libkf5incidenceeditor-20.08.2/tests/resourcemanagment_gui.cpp
Examining data/libkf5incidenceeditor-20.08.2/tests/individualmaildialog_test.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attachmenteditdialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/attendeelineeditdelegate.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencecategories.h
Examining data/libkf5incidenceeditor-20.08.2/src/visualfreebusywidget.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/kweekdaycheckcombo.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attendeedata.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedialogfactory.h
Examining data/libkf5incidenceeditor-20.08.2/src/categorydialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/resourcemodel.h
Examining data/libkf5incidenceeditor-20.08.2/src/alarmpresets.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/korganizereditorconfig.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedescription.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceattendee.h
Examining data/libkf5incidenceeditor-20.08.2/src/editorconfig.h
Examining data/libkf5incidenceeditor-20.08.2/src/conflictresolver.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/opencomposerjob.h
Examining data/libkf5incidenceeditor-20.08.2/src/resourcemanagement.h
Examining data/libkf5incidenceeditor-20.08.2/src/resourcemodel.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attachmenticonview.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/freebusyurldialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedefaults.h
Examining data/libkf5incidenceeditor-20.08.2/src/attachmenteditdialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceresource.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/resourceitem.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceattendee.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.h
Examining data/libkf5incidenceeditor-20.08.2/src/tests/main.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/combinedincidenceeditor.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attendeeline.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceattachment.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedefaults.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceeditor-ng.h
Examining data/libkf5incidenceeditor-20.08.2/src/attendeedata.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencewhatwhere.h
Examining data/libkf5incidenceeditor-20.08.2/src/groupwareuidelegate.h
Examining data/libkf5incidenceeditor-20.08.2/src/visualfreebusywidget.h
Examining data/libkf5incidenceeditor-20.08.2/src/editorconfig.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/categoryeditdialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attendeelineeditdelegate.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/alarmdialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/individualmaildialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attendeetablemodel.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceeditorsettings.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/resourcemanagement.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/editoritemmanager.h
Examining data/libkf5incidenceeditor-20.08.2/src/editoritemmanager.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attachmenticonview.h
Examining data/libkf5incidenceeditor-20.08.2/src/ldaputils.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/templatemanagementdialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencecompletionpriority.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/individualmailcomponentfactory.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencecompletionpriority.h
Examining data/libkf5incidenceeditor-20.08.2/src/individualmaildialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceeditor.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/freebusyganttproxymodel.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencesecrecy.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/categoryeditdialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/templatemanagementdialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencewhatwhere.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedatetime.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attendeetablemodel.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencealarm.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attendeeeditor.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/categoryselectdialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/individualmailcomponentfactory.h
Examining data/libkf5incidenceeditor-20.08.2/src/resourceitem.h
Examining data/libkf5incidenceeditor-20.08.2/src/ldaputils.h
Examining data/libkf5incidenceeditor-20.08.2/src/ktimezonecombobox.h
Examining data/libkf5incidenceeditor-20.08.2/src/categoryselectdialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencesecrecy.h
Examining data/libkf5incidenceeditor-20.08.2/src/freebusyganttproxymodel.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceattachment.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedialogfactory.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/freebusyurldialog.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/conflictresolver.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceeditorsettings.h
Examining data/libkf5incidenceeditor-20.08.2/src/attendeeeditor.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencealarm.h
Examining data/libkf5incidenceeditor-20.08.2/src/attendeecomboboxdelegate.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/korganizereditorconfig.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidenceresource.h
Examining data/libkf5incidenceeditor-20.08.2/src/combinedincidenceeditor.h
Examining data/libkf5incidenceeditor-20.08.2/src/ktimezonecombobox.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedescription.h
Examining data/libkf5incidenceeditor-20.08.2/src/alarmpresets.h
Examining data/libkf5incidenceeditor-20.08.2/src/alarmdialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencedatetime.h
Examining data/libkf5incidenceeditor-20.08.2/src/incidencecategories.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/autochecktreewidget.h
Examining data/libkf5incidenceeditor-20.08.2/src/attendeecomboboxdelegate.h
Examining data/libkf5incidenceeditor-20.08.2/src/kweekdaycheckcombo.h
Examining data/libkf5incidenceeditor-20.08.2/src/categorydialog.h
Examining data/libkf5incidenceeditor-20.08.2/src/opencomposerjob.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/attendeeline.h
Examining data/libkf5incidenceeditor-20.08.2/src/autochecktreewidget.cpp
Examining data/libkf5incidenceeditor-20.08.2/src/groupwareuidelegate.cpp
FINAL RESULTS:
data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:504:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subs(QLocale::system().dayName(date.dayOfWeek(),
data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:510:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)).toString();
data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:514:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)).toString();
data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:527:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const QString longMonthName = QLocale::system().monthName(date.month(), QLocale::LongFormat);
data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:539:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)).
data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:545:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)).
data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:551:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)).
data/libkf5incidenceeditor-20.08.2/src/kweekdaycheckcombo.cpp:38:46: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const QString weekDayName = QLocale::system().dayName(dayOfWeek + 1, QLocale::ShortFormat);
data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.cpp:194:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subs(QLocale::system().dayName(dayOfWeek, QLocale::LongFormat)).
data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.cpp:196:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
subs(QLocale::system().monthName(startDate.month(), QLocale::LongFormat)).toString();
data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.cpp:214:41: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
"to %1").subs(QLocale::system().toString(endTime)).toString();
data/libkf5incidenceeditor-20.08.2/src/attachmenticonview.cpp:204:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file->open();
data/libkf5incidenceeditor-20.08.2/src/categorydialog.cpp:107:63: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CategoryHierarchyReaderQTreeWidget(mWidgets->mCategories).read(cats);
data/libkf5incidenceeditor-20.08.2/src/categoryeditdialog.cpp:119:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mWidgets->mCategories).read(mCategoryConfig->customCategories());
data/libkf5incidenceeditor-20.08.2/src/categoryselectdialog.cpp:90:63: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CategoryHierarchyReaderQTreeWidget(mWidgets->mCategories).read(cats);
ANALYSIS SUMMARY:
Hits = 15
Lines analyzed = 19835 in approximately 0.63 seconds (31332 lines/second)
Physical Source Lines of Code (SLOC) = 13394
Hits@level = [0] 0 [1] 3 [2] 1 [3] 0 [4] 11 [5] 0
Hits@level+ = [0+] 15 [1+] 15 [2+] 12 [3+] 11 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 1.1199 [1+] 1.1199 [2+] 0.895924 [3+] 0.821263 [4+] 0.821263 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.