Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/nixnote2-2.1.6+dfsg1/src/application.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/application.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/addnote.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/addnote.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/alternote.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/alternote.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinequery.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinequery.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/deletenote.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/deletenote.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/emailnote.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/emailnote.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/extractnotes.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/extractnotes.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/extractnotetext.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/extractnotetext.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/importnotes.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/importnotes.h
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/signalgui.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/cmdtools/signalgui.h
Examining data/nixnote2-2.1.6+dfsg1/src/communication/communicationerror.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/communication/communicationerror.h
Examining data/nixnote2-2.1.6+dfsg1/src/communication/communicationmanager.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/communication/communicationmanager.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/aboutdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/aboutdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/accountdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/accountdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/accountmaintenancedialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/accountmaintenancedialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/adduseraccountdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/adduseraccountdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/closenotebookdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/closenotebookdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/databasestatus.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/databasestatus.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/emaildialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/emaildialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/encryptdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/encryptdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/endecryptdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/endecryptdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/faderdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/faderdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/htmlentitiesdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/htmlentitiesdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/insertlatexdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/insertlatexdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/insertlinkdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/insertlinkdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/locationdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/locationdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/logindialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/logindialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/notebookproperties.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/notebookproperties.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/notehistoryselect.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/notehistoryselect.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/noteproperties.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/noteproperties.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/appearancepreferences.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/appearancepreferences.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/debugpreferences.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/debugpreferences.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/emailpreferences.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/emailpreferences.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/exitpreferences.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/exitpreferences.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/localepreferences.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/localepreferences.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/preferencesdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/preferencesdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/searchpreferences.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/searchpreferences.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/syncpreferences.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/syncpreferences.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/thumbnailpreferences.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/thumbnailpreferences.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/remindersetdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/remindersetdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/savedsearchproperties.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/savedsearchproperties.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/shortcutdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/shortcutdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/spellcheckdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/spellcheckdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/tabledialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/tabledialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/tagproperties.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/tagproperties.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/watchfolderadd.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/watchfolderadd.h
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/watchfolderdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/dialog/watchfolderdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/emailaddress.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/emailaddress.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimeattachment.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimeattachment.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimecontentformatter.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimecontentformatter.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimefile.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimefile.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimehtml.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimehtml.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimeinlinefile.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimeinlinefile.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimemessage.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimemessage.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimemultipart.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimemultipart.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimepart.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimepart.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimetext.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/mimetext.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/quotedprintable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/quotedprintable.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/smtpclient.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/email/smtpclient.h
Examining data/nixnote2-2.1.6+dfsg1/src/email/smtpexports.h
Examining data/nixnote2-2.1.6+dfsg1/src/exits/exitmanager.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/exits/exitmanager.h
Examining data/nixnote2-2.1.6+dfsg1/src/exits/exitpoint.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/exits/exitpoint.h
Examining data/nixnote2-2.1.6+dfsg1/src/filters/filtercriteria.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/filters/filtercriteria.h
Examining data/nixnote2-2.1.6+dfsg1/src/filters/filterengine.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/filters/filterengine.h
Examining data/nixnote2-2.1.6+dfsg1/src/filters/lenseresults.h
Examining data/nixnote2-2.1.6+dfsg1/src/filters/notesortfilterproxymodel.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/filters/notesortfilterproxymodel.h
Examining data/nixnote2-2.1.6+dfsg1/src/filters/remotequery.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/filters/remotequery.h
Examining data/nixnote2-2.1.6+dfsg1/src/global.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/global.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/authoreditor.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/authoreditor.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/colormenu.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/colormenu.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/dateeditor.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/dateeditor.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/datetimeeditor.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/datetimeeditor.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/editorbuttonbar.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/editorbuttonbar.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/expandbutton.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/expandbutton.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/fontnamecombobox.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/fontnamecombobox.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/fontsizecombobox.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/fontsizecombobox.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/locationeditor.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/locationeditor.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/notebookmenubutton.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/notebookmenubutton.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/ntitleeditor.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/ntitleeditor.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/reminderbutton.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/reminderbutton.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/table/tablepropertiesdialog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/table/tablepropertiesdialog.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/tageditor.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/tageditor.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/tageditornewtag.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/tageditornewtag.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/tagviewer.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/tagviewer.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/urleditor.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/browserWidgets/urleditor.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/datedelegate.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/datedelegate.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/externalbrowse.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/externalbrowse.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/favoritesview.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/favoritesview.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/favoritesviewdelegate.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/favoritesviewdelegate.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/favoritesviewitem.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/favoritesviewitem.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/findreplace.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/findreplace.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/flowlayout.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/flowlayout.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/imagedelegate.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/imagedelegate.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/lineedit.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/lineedit.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nattributetree.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nattributetree.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nmainmenubar.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nmainmenubar.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nnotebookview.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nnotebookview.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nnotebookviewdelegate.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nnotebookviewdelegate.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nnotebookviewitem.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nnotebookviewitem.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nsearchview.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nsearchview.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nsearchviewitem.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nsearchviewitem.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntableview.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntableview.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntableviewheader.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntableviewheader.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntabwidget.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntabwidget.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntagview.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntagview.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntagviewdelegate.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntagviewdelegate.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntagviewitem.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntagviewitem.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntrashtree.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntrashtree.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntrashviewdelegate.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/ntrashviewdelegate.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/numberdelegate.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/numberdelegate.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nwebpage.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nwebpage.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nwebview.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/nwebview.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/plugins/pluginfactory.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/plugins/pluginfactory.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/plugins/popplergraphicsview.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/plugins/popplergraphicsview.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/plugins/popplerviewer.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/plugins/popplerviewer.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/reminderorderdelegate.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/reminderorderdelegate.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/shortcutkeys.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/shortcutkeys.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/traymenu.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/traymenu.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/treewidgeteditor.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/treewidgeteditor.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/truefalsedelegate.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/truefalsedelegate.h
Examining data/nixnote2-2.1.6+dfsg1/src/gui/widgetpanel.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/gui/widgetpanel.h
Examining data/nixnote2-2.1.6+dfsg1/src/html/NoteFormatterBase.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/html/NoteFormatterBase.h
Examining data/nixnote2-2.1.6+dfsg1/src/html/attachmenticonbuilder.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/html/attachmenticonbuilder.h
Examining data/nixnote2-2.1.6+dfsg1/src/html/enmlformatter.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/html/enmlformatter.h
Examining data/nixnote2-2.1.6+dfsg1/src/html/noteformatter.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/html/noteformatter.h
Examining data/nixnote2-2.1.6+dfsg1/src/html/tagscanner.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/html/tagscanner.h
Examining data/nixnote2-2.1.6+dfsg1/src/html/thumbnailer.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/html/thumbnailer.h
Examining data/nixnote2-2.1.6+dfsg1/src/hunspell/spellchecker.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/hunspell/spellchecker.h
Examining data/nixnote2-2.1.6+dfsg1/src/logger/qsdebugoutput.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/logger/qsdebugoutput.h
Examining data/nixnote2-2.1.6+dfsg1/src/logger/qslog.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/logger/qslog.h
Examining data/nixnote2-2.1.6+dfsg1/src/logger/qslogdest.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/logger/qslogdest.h
Examining data/nixnote2-2.1.6+dfsg1/src/main.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/models/notecache.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/models/notecache.h
Examining data/nixnote2-2.1.6+dfsg1/src/models/notemodel.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/models/notemodel.h
Examining data/nixnote2-2.1.6+dfsg1/src/models/ntreemodel.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/models/ntreemodel.h
Examining data/nixnote2-2.1.6+dfsg1/src/nixnote.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/nixnote.h
Examining data/nixnote2-2.1.6+dfsg1/src/oauth/oauthtokenizer.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/oauth/oauthtokenizer.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/AsyncResult.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/EventLoopFinisher.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/EverCloudException.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/InkNoteImageDownloader.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/Optional.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/QEverCloud.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/QEverCloudOAuth.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/VersionInfo.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/exceptions.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/export.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/generated/EDAMErrorCode.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/generated/constants.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/generated/services.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/generated/types.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/globals.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/oauth.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/qt4helpers.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/thumbnail.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/AsyncResult.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/EventLoopFinisher.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/EverCloudException.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/InkNoteImageDownloader.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/exceptions.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/generated/constants.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/generated/services.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/generated/types.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/generated/types_impl.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/globals.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/http.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/http.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/impl.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/services_nongenerated.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/tests/TestQEverCloud.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thrift.h
Examining data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thumbnail.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/quentier/utility/StringUtils.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/quentier/utility/StringUtils.h
Examining data/nixnote2-2.1.6+dfsg1/src/quentier/utility/StringUtils_p.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/quentier/utility/StringUtils_p.h
Examining data/nixnote2-2.1.6+dfsg1/src/reminders/reminderevent.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/reminders/reminderevent.h
Examining data/nixnote2-2.1.6+dfsg1/src/reminders/remindermanager.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/reminders/remindermanager.h
Examining data/nixnote2-2.1.6+dfsg1/src/settings/accountsmanager.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/settings/accountsmanager.h
Examining data/nixnote2-2.1.6+dfsg1/src/settings/colorsettings.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/settings/colorsettings.h
Examining data/nixnote2-2.1.6+dfsg1/src/settings/filemanager.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/settings/filemanager.h
Examining data/nixnote2-2.1.6+dfsg1/src/settings/startupconfig.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/settings/startupconfig.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/configstore.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/configstore.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/databaseconnection.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/databaseconnection.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/databaseupgrade.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/databaseupgrade.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/datastore.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/datastore.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/favoritesrecord.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/favoritesrecord.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/favoritestable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/favoritestable.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/filewatchertable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/filewatchertable.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/linkednotebooktable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/linkednotebooktable.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/notebooktable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/notebooktable.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/notemetadata.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/notemetadata.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/notetable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/notetable.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/nsqlquery.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/nsqlquery.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/resourcetable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/resourcetable.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/searchtable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/searchtable.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/sharednotebooktable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/sharednotebooktable.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/tagtable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/tagtable.h
Examining data/nixnote2-2.1.6+dfsg1/src/sql/usertable.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/sql/usertable.h
Examining data/nixnote2-2.1.6+dfsg1/src/threads/browserrunner.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/threads/browserrunner.h
Examining data/nixnote2-2.1.6+dfsg1/src/threads/counterrunner.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/threads/counterrunner.h
Examining data/nixnote2-2.1.6+dfsg1/src/threads/indexrunner.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/threads/indexrunner.h
Examining data/nixnote2-2.1.6+dfsg1/src/threads/syncrunner.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/threads/syncrunner.h
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/NixnoteStringUtils.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/NixnoteStringUtils.h
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/crossmemorymapper.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/crossmemorymapper.h
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/debugtool.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/debugtool.h
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/encrypt.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/encrypt.h
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/mimereference.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/mimereference.h
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/noteindexer.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/noteindexer.h
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/nuuid.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/nuuid.h
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/pixelconverter.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/utilities/pixelconverter.h
Examining data/nixnote2-2.1.6+dfsg1/src/watcher/filewatcher.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/watcher/filewatcher.h
Examining data/nixnote2-2.1.6+dfsg1/src/watcher/filewatchermanager.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/watcher/filewatchermanager.h
Examining data/nixnote2-2.1.6+dfsg1/src/xml/batchimport.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/xml/batchimport.h
Examining data/nixnote2-2.1.6+dfsg1/src/xml/exportdata.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/xml/exportdata.h
Examining data/nixnote2-2.1.6+dfsg1/src/xml/importdata.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/xml/importdata.h
Examining data/nixnote2-2.1.6+dfsg1/src/xml/importenex.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/xml/importenex.h
Examining data/nixnote2-2.1.6+dfsg1/src/xml/xmlhighlighter.cpp
Examining data/nixnote2-2.1.6+dfsg1/src/xml/xmlhighlighter.h
Examining data/nixnote2-2.1.6+dfsg1/testsrc/tests.cpp
Examining data/nixnote2-2.1.6+dfsg1/testsrc/tests.h
FINAL RESULTS:
data/nixnote2-2.1.6+dfsg1/src/dialog/preferences/localepreferences.cpp:40:64: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
translationCombo->addItem(tr("<System Default>"), QLocale::system().name());
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:3389:13: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
EnCrypt crypt(global.fileManager.getCryptoJarPath());
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:3397:18: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int rc = crypt.decrypt(plainText, text, password, cipher, len);
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:3426:18: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int rc = crypt.decrypt(plainText, text, pwd);
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:3512:13: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
EnCrypt crypt(global.fileManager.getCryptoJarPath());
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:3514:14: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int rc = crypt.encrypt(encrypted, text, dialog.getPassword().trimmed());
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:4088:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
locale = QLocale::system().name();
data/nixnote2-2.1.6+dfsg1/src/hunspell/spellchecker.cpp:54:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
locale = QLocale::system().name();
data/nixnote2-2.1.6+dfsg1/src/nixnote.cpp:129:74: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
translation = global.settings->value(INI_VALUE_TRANSLATION, QLocale::system().name()).toString();
data/nixnote2-2.1.6+dfsg1/testsrc/tests.cpp:282:46: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
R"R(</table><div><img en-tag="en-crypt" cipher="RC2" hint="qq" length="64" alt="bGHOocsWJD4Id76YevNUb29Lxi7/aCAI" src="file:///usr/share/nixnote2/images/encrypt.png" id="crypt1" onmouseover="style.cursor='hand'" onclick="window.browserWindow.decryptText('crypt1', 'bGHOocsWJD4Id76YevNUb29Lxi7/aCAI', 'qq', 'RC2', 64);" style="display:block"></div>)R"
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:39:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
quint64 random;
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:40:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::memcpy(&random, &randomData.constData()[0], sizeof(random));
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:40:65: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::memcpy(&random, &randomData.constData()[0], sizeof(random));
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:41:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
res ^= random;
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:42:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::memcpy(&random, &randomData.constData()[sizeof(random)], sizeof(random));
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:42:61: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::memcpy(&random, &randomData.constData()[sizeof(random)], sizeof(random));
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:42:78: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::memcpy(&random, &randomData.constData()[sizeof(random)], sizeof(random));
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:43:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
res ^= random;
data/nixnote2-2.1.6+dfsg1/src/cmdtools/addnote.cpp:57:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!xmlFile.open(QIODevice::WriteOnly)) {
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinequery.cpp:54:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outputFile->open(QIODevice::WriteOnly);
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:222:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (responseFile.open(QIODevice::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:267:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arr[1024];
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:427:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:487:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arr[1024];
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:584:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/communication/communicationmanager.cpp:927:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tempFile.open();
data/nixnote2-2.1.6+dfsg1/src/communication/communicationmanager.cpp:929:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(tempFile.fileName().toStdString().c_str(), "wb");
data/nixnote2-2.1.6+dfsg1/src/dialog/htmlentitiesdialog.cpp:193:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QFile::WriteOnly);
data/nixnote2-2.1.6+dfsg1/src/dialog/htmlentitiesdialog.cpp:264:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QFile::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/email/mimefile.cpp:61:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file->open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/exits/exitmanager.cpp:72:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/global.cpp:950:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/nixnote2-2.1.6+dfsg1/src/global.cpp:1043:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:1888:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:2495:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:2498:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:2639:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
b.open(QIODevice::WriteOnly);
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:3152:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/gui/nwebview.cpp:529:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
newFile.open(QIODevice::WriteOnly);
data/nixnote2-2.1.6+dfsg1/src/gui/shortcutkeys.cpp:46:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QFile::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/html/noteformatter.cpp:458:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QFile::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/hunspell/spellchecker.cpp:84:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/hunspell/spellchecker.cpp:145:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::Append);
data/nixnote2-2.1.6+dfsg1/src/logger/qslog.cpp:181:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QFile::WriteOnly | QFile::Truncate)) {
data/nixnote2-2.1.6+dfsg1/src/logger/qslogdest.cpp:51:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mFile.open(QFile::WriteOnly | QFile::Text); //fixme: should throw on failure
data/nixnote2-2.1.6+dfsg1/src/nixnote.cpp:3154:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/oauth.h:213:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open();
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/headers/oauth.h:215:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open() Q_DECL_OVERRIDE;
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/InkNoteImageDownloader.cpp:137:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Q_UNUSED(buffer.open(QIODevice::WriteOnly))
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:359:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void EvernoteOAuthDialog::open()
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/oauth.cpp:362:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
QDialog::open();
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thrift.h:283:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(dest, m_buf.mid(m_pos, bytesCount).constData(), static_cast<std::size_t>(bytesCount));
data/nixnote2-2.1.6+dfsg1/src/settings/accountsmanager.cpp:36:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xmlFile.open(QIODevice::WriteOnly | QIODevice::Text);
data/nixnote2-2.1.6+dfsg1/src/settings/accountsmanager.cpp:53:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::ReadOnly | QIODevice::Text);
data/nixnote2-2.1.6+dfsg1/src/settings/accountsmanager.cpp:240:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xmlFile.open(QIODevice::WriteOnly | QIODevice::Text);
data/nixnote2-2.1.6+dfsg1/src/settings/filemanager.cpp:407:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!f.open(QFile::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/sql/databaseconnection.cpp:43:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!conn.open()) {
data/nixnote2-2.1.6+dfsg1/src/sql/notetable.cpp:2075:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/sql/resourcetable.cpp:198:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tfile.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/sql/resourcetable.cpp:501:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tfile.open(QIODevice::WriteOnly);
data/nixnote2-2.1.6+dfsg1/src/sql/resourcetable.cpp:789:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/sql/resourcetable.cpp:1193:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!tfile.open(QIODevice::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/sql/resourcetable.cpp:1202:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tfile.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/threads/indexrunner.cpp:447:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (txtFile.open(QIODevice::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/utilities/crossmemorymapper.cpp:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, sharedMemory->data(), getSharedMemorySize());
data/nixnote2-2.1.6+dfsg1/src/utilities/crossmemorymapper.cpp:143:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(memptr, svalue.toStdString().c_str(), static_cast<size_t>(data.size()));
data/nixnote2-2.1.6+dfsg1/src/watcher/filewatcher.cpp:104:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/xml/batchimport.cpp:68:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!xmlFile.open(QIODevice::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/xml/batchimport.cpp:240:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/xml/batchimport.cpp:297:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::ReadOnly);
data/nixnote2-2.1.6+dfsg1/src/xml/exportdata.cpp:52:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!xmlFile.open(QIODevice::WriteOnly)) {
data/nixnote2-2.1.6+dfsg1/src/xml/importdata.cpp:94:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!xmlFile.open(QIODevice::ReadOnly) || !scanFile.open(QIODevice::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/xml/importdata.cpp:94:57: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!xmlFile.open(QIODevice::ReadOnly) || !scanFile.open(QIODevice::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/xml/importenex.cpp:72:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!xmlFile.open(QIODevice::ReadOnly) || !scanFile.open(QIODevice::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/xml/importenex.cpp:72:57: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!xmlFile.open(QIODevice::ReadOnly) || !scanFile.open(QIODevice::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/testsrc/tests.cpp:358:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!f.open(QFile::ReadOnly)) {
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:268:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::cin.read(arr,sizeof(arr));
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:317:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray data = crossMemory.read();
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:488:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::cin.read(arr,sizeof(arr));
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:537:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray data = crossMemory.read();
data/nixnote2-2.1.6+dfsg1/src/cmdtools/cmdlinetool.cpp:656:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray data = sharedMemory.read();
data/nixnote2-2.1.6+dfsg1/src/gui/nbrowserwindow.cpp:2505:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
d.body = f.read(data.size());
data/nixnote2-2.1.6+dfsg1/src/html/noteformatter.cpp:459:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b = f.read(10);
data/nixnote2-2.1.6+dfsg1/src/nixnote.cpp:2618:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray data = global.sharedMemory->read();
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thrift.h:273:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(quint8 * dest, qint32 bytesCount)
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thrift.h:404:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(b, 1);
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thrift.h:412:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(b, 1);
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thrift.h:424:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(theBytes.b, 2);
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thrift.h:436:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(theBytes.b, 4);
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thrift.h:448:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(theBytes.b, 8);
data/nixnote2-2.1.6+dfsg1/src/qevercloud/QEverCloud/src/thrift.h:462:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(theBytes.b, 8);
data/nixnote2-2.1.6+dfsg1/src/utilities/crossmemorymapper.cpp:114:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray CrossMemoryMapper::read() {
data/nixnote2-2.1.6+dfsg1/src/utilities/crossmemorymapper.h:52:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
QByteArray read();
ANALYSIS SUMMARY:
Hits = 93
Lines analyzed = 112024 in approximately 2.90 seconds (38651 lines/second)
Physical Source Lines of Code (SLOC) = 79002
Hits@level = [0] 6 [1] 17 [2] 58 [3] 8 [4] 10 [5] 0
Hits@level+ = [0+] 99 [1+] 93 [2+] 76 [3+] 18 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 1.25313 [1+] 1.17719 [2+] 0.962001 [3+] 0.227842 [4+] 0.126579 [5+] 0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.