Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libkf5incidenceeditor-20.08.2/autotests/testindividualmaildialog.cpp Examining data/libkf5incidenceeditor-20.08.2/autotests/modeltest.cpp Examining data/libkf5incidenceeditor-20.08.2/autotests/testfreebusyganttproxymodel.h Examining data/libkf5incidenceeditor-20.08.2/autotests/testfreebusyganttproxymodel.cpp Examining data/libkf5incidenceeditor-20.08.2/autotests/ktimezonecomboboxtest.cpp Examining data/libkf5incidenceeditor-20.08.2/autotests/ktimezonecomboboxtest.h Examining data/libkf5incidenceeditor-20.08.2/autotests/conflictresolvertest.cpp Examining data/libkf5incidenceeditor-20.08.2/autotests/modeltest.h Examining data/libkf5incidenceeditor-20.08.2/autotests/conflictresolvertest.h Examining data/libkf5incidenceeditor-20.08.2/tests/resourcemanagment_gui.cpp Examining data/libkf5incidenceeditor-20.08.2/tests/individualmaildialog_test.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attachmenteditdialog.h Examining data/libkf5incidenceeditor-20.08.2/src/attendeelineeditdelegate.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencecategories.h Examining data/libkf5incidenceeditor-20.08.2/src/visualfreebusywidget.cpp Examining data/libkf5incidenceeditor-20.08.2/src/kweekdaycheckcombo.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attendeedata.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencedialogfactory.h Examining data/libkf5incidenceeditor-20.08.2/src/categorydialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/resourcemodel.h Examining data/libkf5incidenceeditor-20.08.2/src/alarmpresets.cpp Examining data/libkf5incidenceeditor-20.08.2/src/korganizereditorconfig.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencedescription.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidenceattendee.h Examining data/libkf5incidenceeditor-20.08.2/src/editorconfig.h Examining data/libkf5incidenceeditor-20.08.2/src/conflictresolver.cpp Examining data/libkf5incidenceeditor-20.08.2/src/opencomposerjob.h Examining data/libkf5incidenceeditor-20.08.2/src/resourcemanagement.h Examining data/libkf5incidenceeditor-20.08.2/src/resourcemodel.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attachmenticonview.cpp Examining data/libkf5incidenceeditor-20.08.2/src/freebusyurldialog.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencedefaults.h Examining data/libkf5incidenceeditor-20.08.2/src/attachmenteditdialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidenceresource.cpp Examining data/libkf5incidenceeditor-20.08.2/src/resourceitem.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidenceattendee.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.h Examining data/libkf5incidenceeditor-20.08.2/src/tests/main.cpp Examining data/libkf5incidenceeditor-20.08.2/src/combinedincidenceeditor.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attendeeline.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidenceattachment.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencedefaults.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidenceeditor-ng.h Examining data/libkf5incidenceeditor-20.08.2/src/attendeedata.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencewhatwhere.h Examining data/libkf5incidenceeditor-20.08.2/src/groupwareuidelegate.h Examining data/libkf5incidenceeditor-20.08.2/src/visualfreebusywidget.h Examining data/libkf5incidenceeditor-20.08.2/src/editorconfig.cpp Examining data/libkf5incidenceeditor-20.08.2/src/categoryeditdialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attendeelineeditdelegate.cpp Examining data/libkf5incidenceeditor-20.08.2/src/alarmdialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/individualmaildialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attendeetablemodel.h Examining data/libkf5incidenceeditor-20.08.2/src/incidenceeditorsettings.cpp Examining data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/resourcemanagement.cpp Examining data/libkf5incidenceeditor-20.08.2/src/editoritemmanager.h Examining data/libkf5incidenceeditor-20.08.2/src/editoritemmanager.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attachmenticonview.h Examining data/libkf5incidenceeditor-20.08.2/src/ldaputils.cpp Examining data/libkf5incidenceeditor-20.08.2/src/templatemanagementdialog.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencecompletionpriority.cpp Examining data/libkf5incidenceeditor-20.08.2/src/individualmailcomponentfactory.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencecompletionpriority.h Examining data/libkf5incidenceeditor-20.08.2/src/individualmaildialog.h Examining data/libkf5incidenceeditor-20.08.2/src/incidenceeditor.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencedialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.h Examining data/libkf5incidenceeditor-20.08.2/src/freebusyganttproxymodel.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencesecrecy.cpp Examining data/libkf5incidenceeditor-20.08.2/src/categoryeditdialog.h Examining data/libkf5incidenceeditor-20.08.2/src/templatemanagementdialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencewhatwhere.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencedatetime.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attendeetablemodel.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencealarm.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attendeeeditor.cpp Examining data/libkf5incidenceeditor-20.08.2/src/categoryselectdialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/individualmailcomponentfactory.h Examining data/libkf5incidenceeditor-20.08.2/src/resourceitem.h Examining data/libkf5incidenceeditor-20.08.2/src/ldaputils.h Examining data/libkf5incidenceeditor-20.08.2/src/ktimezonecombobox.h Examining data/libkf5incidenceeditor-20.08.2/src/categoryselectdialog.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencesecrecy.h Examining data/libkf5incidenceeditor-20.08.2/src/freebusyganttproxymodel.h Examining data/libkf5incidenceeditor-20.08.2/src/incidenceattachment.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencedialogfactory.cpp Examining data/libkf5incidenceeditor-20.08.2/src/freebusyurldialog.cpp Examining data/libkf5incidenceeditor-20.08.2/src/conflictresolver.h Examining data/libkf5incidenceeditor-20.08.2/src/incidenceeditorsettings.h Examining data/libkf5incidenceeditor-20.08.2/src/attendeeeditor.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencealarm.h Examining data/libkf5incidenceeditor-20.08.2/src/attendeecomboboxdelegate.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencedialog.h Examining data/libkf5incidenceeditor-20.08.2/src/korganizereditorconfig.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidenceresource.h Examining data/libkf5incidenceeditor-20.08.2/src/combinedincidenceeditor.h Examining data/libkf5incidenceeditor-20.08.2/src/ktimezonecombobox.cpp Examining data/libkf5incidenceeditor-20.08.2/src/incidencedescription.h Examining data/libkf5incidenceeditor-20.08.2/src/alarmpresets.h Examining data/libkf5incidenceeditor-20.08.2/src/alarmdialog.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencedatetime.h Examining data/libkf5incidenceeditor-20.08.2/src/incidencecategories.cpp Examining data/libkf5incidenceeditor-20.08.2/src/autochecktreewidget.h Examining data/libkf5incidenceeditor-20.08.2/src/attendeecomboboxdelegate.h Examining data/libkf5incidenceeditor-20.08.2/src/kweekdaycheckcombo.h Examining data/libkf5incidenceeditor-20.08.2/src/categorydialog.h Examining data/libkf5incidenceeditor-20.08.2/src/opencomposerjob.cpp Examining data/libkf5incidenceeditor-20.08.2/src/attendeeline.h Examining data/libkf5incidenceeditor-20.08.2/src/autochecktreewidget.cpp Examining data/libkf5incidenceeditor-20.08.2/src/groupwareuidelegate.cpp FINAL RESULTS: data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:504:26: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. subs(QLocale::system().dayName(date.dayOfWeek(), data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:510:30: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)).toString(); data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:514:30: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)).toString(); data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:527:44: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. const QString longMonthName = QLocale::system().monthName(date.month(), QLocale::LongFormat); data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:539:26: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)). data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:545:30: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)). data/libkf5incidenceeditor-20.08.2/src/incidencerecurrence.cpp:551:30: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. subs(QLocale::system().dayName(date.dayOfWeek(), QLocale::LongFormat)). data/libkf5incidenceeditor-20.08.2/src/kweekdaycheckcombo.cpp:38:46: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. const QString weekDayName = QLocale::system().dayName(dayOfWeek + 1, QLocale::ShortFormat); data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.cpp:194:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. subs(QLocale::system().dayName(dayOfWeek, QLocale::LongFormat)). data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.cpp:196:25: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. subs(QLocale::system().monthName(startDate.month(), QLocale::LongFormat)).toString(); data/libkf5incidenceeditor-20.08.2/src/schedulingdialog.cpp:214:41: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. "to %1").subs(QLocale::system().toString(endTime)).toString(); data/libkf5incidenceeditor-20.08.2/src/attachmenticonview.cpp:204:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file->open(); data/libkf5incidenceeditor-20.08.2/src/categorydialog.cpp:107:63: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CategoryHierarchyReaderQTreeWidget(mWidgets->mCategories).read(cats); data/libkf5incidenceeditor-20.08.2/src/categoryeditdialog.cpp:119:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). mWidgets->mCategories).read(mCategoryConfig->customCategories()); data/libkf5incidenceeditor-20.08.2/src/categoryselectdialog.cpp:90:63: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CategoryHierarchyReaderQTreeWidget(mWidgets->mCategories).read(cats); ANALYSIS SUMMARY: Hits = 15 Lines analyzed = 19835 in approximately 0.63 seconds (31332 lines/second) Physical Source Lines of Code (SLOC) = 13394 Hits@level = [0] 0 [1] 3 [2] 1 [3] 0 [4] 11 [5] 0 Hits@level+ = [0+] 15 [1+] 15 [2+] 12 [3+] 11 [4+] 11 [5+] 0 Hits/KSLOC@level+ = [0+] 1.1199 [1+] 1.1199 [2+] 0.895924 [3+] 0.821263 [4+] 0.821263 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.