Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/parley-20.08.0/autotests/parleyunittestutilities.h
Examining data/parley-20.08.0/autotests/allpass2test.cpp
Examining data/parley-20.08.0/autotests/sessionmanagerfixedtest.h
Examining data/parley-20.08.0/autotests/testentrytest.cpp
Examining data/parley-20.08.0/autotests/sessionmanagerfixedtest.cpp
Examining data/parley-20.08.0/autotests/testentrytest.h
Examining data/parley-20.08.0/autotests/allpass1test.cpp
Examining data/parley-20.08.0/autotests/parleyunittestutilities.cpp
Examining data/parley-20.08.0/scripts_test/scripts.h
Examining data/parley-20.08.0/scripts_test/scripts.cpp
Examining data/parley-20.08.0/scripts_test/main.cpp
Examining data/parley-20.08.0/scripts_test/translationscript.cpp
Examining data/parley-20.08.0/scripts_test/translationscript.h
Examining data/parley-20.08.0/plasmoid/engine/parley_engine.h
Examining data/parley-20.08.0/plasmoid/engine/parley_engine.cpp
Examining data/parley-20.08.0/plasmoid/parley_plasma.h
Examining data/parley-20.08.0/plasmoid/parley_plasma.cpp
Examining data/parley-20.08.0/src/parleymainwindow.cpp
Examining data/parley-20.08.0/src/parleymainwindow.h
Examining data/parley-20.08.0/src/exportdialog.cpp
Examining data/parley-20.08.0/src/parleydocument.h
Examining data/parley-20.08.0/src/exportdialog.h
Examining data/parley-20.08.0/src/parleyactions.h
Examining data/parley-20.08.0/src/parleyactions.cpp
Examining data/parley-20.08.0/src/collection/entryfilterdialog.cpp
Examining data/parley-20.08.0/src/collection/containermimedata.cpp
Examining data/parley-20.08.0/src/collection/containermimedata.h
Examining data/parley-20.08.0/src/collection/entryfilterdialog.h
Examining data/parley-20.08.0/src/collection/containerview.cpp
Examining data/parley-20.08.0/src/collection/collection.cpp
Examining data/parley-20.08.0/src/collection/vocabularymimedata.cpp
Examining data/parley-20.08.0/src/collection/testentry.cpp
Examining data/parley-20.08.0/src/collection/lessonmodel.cpp
Examining data/parley-20.08.0/src/collection/vocabularymodel.cpp
Examining data/parley-20.08.0/src/collection/containerview.h
Examining data/parley-20.08.0/src/collection/wordclassmodel.cpp
Examining data/parley-20.08.0/src/collection/vocabularymimedata.h
Examining data/parley-20.08.0/src/collection/testentry.h
Examining data/parley-20.08.0/src/collection/lessonmodel.h
Examining data/parley-20.08.0/src/collection/collection.h
Examining data/parley-20.08.0/src/collection/readonlycontainermodel.h
Examining data/parley-20.08.0/src/collection/vocabularyfilter.h
Examining data/parley-20.08.0/src/collection/vocabularymodel.h
Examining data/parley-20.08.0/src/collection/entryfilter.cpp
Examining data/parley-20.08.0/src/collection/vocabularyfilter.cpp
Examining data/parley-20.08.0/src/collection/wordclassmodel.h
Examining data/parley-20.08.0/src/collection/entryfilter.h
Examining data/parley-20.08.0/src/collection/containermodel.cpp
Examining data/parley-20.08.0/src/collection/containermodel.h
Examining data/parley-20.08.0/src/collection/readonlycontainermodel.cpp
Examining data/parley-20.08.0/src/utils.h
Examining data/parley-20.08.0/src/dashboard/buttondelegate.cpp
Examining data/parley-20.08.0/src/dashboard/collectionwidget.h
Examining data/parley-20.08.0/src/dashboard/gradereferencewidget.cpp
Examining data/parley-20.08.0/src/dashboard/gradereferencewidget.h
Examining data/parley-20.08.0/src/dashboard/barwidget.cpp
Examining data/parley-20.08.0/src/dashboard/dashboard.h
Examining data/parley-20.08.0/src/dashboard/collectionwidget.cpp
Examining data/parley-20.08.0/src/dashboard/dashboard.cpp
Examining data/parley-20.08.0/src/dashboard/barwidget.h
Examining data/parley-20.08.0/src/dashboard/buttondelegate.h
Examining data/parley-20.08.0/src/parleydocument.cpp
Examining data/parley-20.08.0/src/settings/documentproperties.cpp
Examining data/parley-20.08.0/src/settings/languageproperties.cpp
Examining data/parley-20.08.0/src/settings/parleyprefs.cpp
Examining data/parley-20.08.0/src/settings/viewoptions.h
Examining data/parley-20.08.0/src/settings/languagepropertiespage.cpp
Examining data/parley-20.08.0/src/settings/documentproperties.h
Examining data/parley-20.08.0/src/settings/languagepropertiespage.h
Examining data/parley-20.08.0/src/settings/kgametheme/kgametheme.h
Examining data/parley-20.08.0/src/settings/kgametheme/kgamethemeselector.h
Examining data/parley-20.08.0/src/settings/kgametheme/kgamethemeselector.cpp
Examining data/parley-20.08.0/src/settings/kgametheme/kgametheme.cpp
Examining data/parley-20.08.0/src/settings/generaloptions.h
Examining data/parley-20.08.0/src/settings/generaloptions.cpp
Examining data/parley-20.08.0/src/settings/parleyprefs.h
Examining data/parley-20.08.0/src/settings/languageproperties.h
Examining data/parley-20.08.0/src/settings/viewoptions.cpp
Examining data/parley-20.08.0/src/main.cpp
Examining data/parley-20.08.0/src/utils.cpp
Examining data/parley-20.08.0/src/scripts/scripting/expression.h
Examining data/parley-20.08.0/src/scripts/scripting/identifier.cpp
Examining data/parley-20.08.0/src/scripts/scripting/document.cpp
Examining data/parley-20.08.0/src/scripts/scripting/text.cpp
Examining data/parley-20.08.0/src/scripts/scripting/lesson.cpp
Examining data/parley-20.08.0/src/scripts/scripting/translation.h
Examining data/parley-20.08.0/src/scripts/scripting/expression.cpp
Examining data/parley-20.08.0/src/scripts/scripting/lesson.h
Examining data/parley-20.08.0/src/scripts/scripting/document.h
Examining data/parley-20.08.0/src/scripts/scripting/translation.cpp
Examining data/parley-20.08.0/src/scripts/scripting/parley.h
Examining data/parley-20.08.0/src/scripts/scripting/text.h
Examining data/parley-20.08.0/src/scripts/scripting/container.h
Examining data/parley-20.08.0/src/scripts/scripting/parley.cpp
Examining data/parley-20.08.0/src/scripts/scripting/identifier.h
Examining data/parley-20.08.0/src/scripts/scripting/container.cpp
Examining data/parley-20.08.0/src/scripts/script.cpp
Examining data/parley-20.08.0/src/scripts/scriptmanager.cpp
Examining data/parley-20.08.0/src/scripts/scriptdialog.h
Examining data/parley-20.08.0/src/scripts/scriptdialog.cpp
Examining data/parley-20.08.0/src/scripts/translator.h
Examining data/parley-20.08.0/src/scripts/translator.cpp
Examining data/parley-20.08.0/src/scripts/script.h
Examining data/parley-20.08.0/src/scripts/scriptmanager.h
Examining data/parley-20.08.0/src/editor/imagechooserwidget.cpp
Examining data/parley-20.08.0/src/editor/audiowidget.h
Examining data/parley-20.08.0/src/editor/inflectionwidget.cpp
Examining data/parley-20.08.0/src/editor/summarywordwidget.cpp
Examining data/parley-20.08.0/src/editor/vocabularyheaderview.h
Examining data/parley-20.08.0/src/editor/wordtypeview.cpp
Examining data/parley-20.08.0/src/editor/vocabularycolumnsdialog.cpp
Examining data/parley-20.08.0/src/editor/FromToEntryPage.cpp
Examining data/parley-20.08.0/src/editor/comparisonwidget.cpp
Examining data/parley-20.08.0/src/editor/vocabularyheaderview.cpp
Examining data/parley-20.08.0/src/editor/editor.h
Examining data/parley-20.08.0/src/editor/summarywordwidget.h
Examining data/parley-20.08.0/src/editor/vocabularyview.cpp
Examining data/parley-20.08.0/src/editor/imagechooserwidget.h
Examining data/parley-20.08.0/src/editor/vocabularydelegate.h
Examining data/parley-20.08.0/src/editor/wordtypeview.h
Examining data/parley-20.08.0/src/editor/multiplechoicewidget.h
Examining data/parley-20.08.0/src/editor/synonymwidget.h
Examining data/parley-20.08.0/src/editor/vocabularydelegate.cpp
Examining data/parley-20.08.0/src/editor/browserwidget.h
Examining data/parley-20.08.0/src/editor/declensionwidget.h
Examining data/parley-20.08.0/src/editor/declensionwidget.cpp
Examining data/parley-20.08.0/src/editor/inflectionwidget.h
Examining data/parley-20.08.0/src/editor/lessonview.h
Examining data/parley-20.08.0/src/editor/multiplechoicewidget.cpp
Examining data/parley-20.08.0/src/editor/editor.cpp
Examining data/parley-20.08.0/src/editor/latexwidget.h
Examining data/parley-20.08.0/src/editor/browserwidget.cpp
Examining data/parley-20.08.0/src/editor/comparisonwidget.h
Examining data/parley-20.08.0/src/editor/latexwidget.cpp
Examining data/parley-20.08.0/src/editor/lessonview.cpp
Examining data/parley-20.08.0/src/editor/conjugationwidget.cpp
Examining data/parley-20.08.0/src/editor/synonymwidget.cpp
Examining data/parley-20.08.0/src/editor/audiowidget.cpp
Examining data/parley-20.08.0/src/editor/FromToEntryPage.h
Examining data/parley-20.08.0/src/editor/vocabularycolumnsdialog.h
Examining data/parley-20.08.0/src/editor/conjugationwidget.h
Examining data/parley-20.08.0/src/editor/vocabularyview.h
Examining data/parley-20.08.0/src/practice/genderbackendmode.cpp
Examining data/parley-20.08.0/src/practice/imagewidget.h
Examining data/parley-20.08.0/src/practice/statustogglebutton.cpp
Examining data/parley-20.08.0/src/practice/writtenpracticevalidator.cpp
Examining data/parley-20.08.0/src/practice/conjugationmodewidget.cpp
Examining data/parley-20.08.0/src/practice/conjugationbackendmode.h
Examining data/parley-20.08.0/src/practice/summarybarwidget.cpp
Examining data/parley-20.08.0/src/practice/practicemainwindow.h
Examining data/parley-20.08.0/src/practice/audiobutton.h
Examining data/parley-20.08.0/src/practice/multiplechoicemodewidget.cpp
Examining data/parley-20.08.0/src/practice/mixedlettersmodewidget.h
Examining data/parley-20.08.0/src/practice/practicestatemachine.h
Examining data/parley-20.08.0/src/practice/boxeswidget.cpp
Examining data/parley-20.08.0/src/practice/abstractbackendmode.h
Examining data/parley-20.08.0/src/practice/writtenpracticewidget.h
Examining data/parley-20.08.0/src/practice/latexrenderer.cpp
Examining data/parley-20.08.0/src/practice/statustogglebutton.h
Examining data/parley-20.08.0/src/practice/comparisonbackendmode.cpp
Examining data/parley-20.08.0/src/practice/sessionmanagercontinuous.cpp
Examining data/parley-20.08.0/src/practice/statustoggle.cpp
Examining data/parley-20.08.0/src/practice/writtenpracticevalidator.h
Examining data/parley-20.08.0/src/practice/guifrontend.h
Examining data/parley-20.08.0/src/practice/summarybarwidget.h
Examining data/parley-20.08.0/src/practice/conjugationmodewidget.h
Examining data/parley-20.08.0/src/practice/themedbackgroundrenderer.cpp
Examining data/parley-20.08.0/src/practice/themedbackgroundrenderer.h
Examining data/parley-20.08.0/src/practice/sessionmanagerbase.h
Examining data/parley-20.08.0/src/practice/abstractfrontend.cpp
Examining data/parley-20.08.0/src/practice/practicesummarycomponent.cpp
Examining data/parley-20.08.0/src/practice/practicemainwindow.cpp
Examining data/parley-20.08.0/src/practice/flashcardmodewidget.cpp
Examining data/parley-20.08.0/src/practice/sessionmanagercontinuous.h
Examining data/parley-20.08.0/src/practice/multiplechoicemodewidget.h
Examining data/parley-20.08.0/src/practice/practicestatemachine.cpp
Examining data/parley-20.08.0/src/practice/comparisonmodewidget.cpp
Examining data/parley-20.08.0/src/practice/multiplechoicedata.h
Examining data/parley-20.08.0/src/practice/practicesummarycomponent.h
Examining data/parley-20.08.0/src/practice/abstractwidget.h
Examining data/parley-20.08.0/src/practice/latexrenderer.h
Examining data/parley-20.08.0/src/practice/writtenbackendmode.h
Examining data/parley-20.08.0/src/practice/imagecache.cpp
Examining data/parley-20.08.0/src/practice/abstractfrontend.h
Examining data/parley-20.08.0/src/practice/flashcardmodewidget.h
Examining data/parley-20.08.0/src/practice/imagewidget.cpp
Examining data/parley-20.08.0/src/practice/conjugationdata.h
Examining data/parley-20.08.0/src/practice/writtenpracticewidget.cpp
Examining data/parley-20.08.0/src/practice/statustoggle.h
Examining data/parley-20.08.0/src/practice/genderbackendmode.h
Examining data/parley-20.08.0/src/practice/sessionmanagerfixed.h
Examining data/parley-20.08.0/src/practice/abstractbackendmode.cpp
Examining data/parley-20.08.0/src/practice/comparisonbackendmode.h
Examining data/parley-20.08.0/src/practice/multiplechoicebackendmode.h
Examining data/parley-20.08.0/src/practice/boxeswidget.h
Examining data/parley-20.08.0/src/practice/examplesentencebackendmode.h
Examining data/parley-20.08.0/src/practice/comparisonmodewidget.h
Examining data/parley-20.08.0/src/practice/flashcardbackendmode.h
Examining data/parley-20.08.0/src/practice/sessionmanagerbase.cpp
Examining data/parley-20.08.0/src/practice/examplesentencebackendmode.cpp
Examining data/parley-20.08.0/src/practice/imagecache.h
Examining data/parley-20.08.0/src/practice/writtenbackendmode.cpp
Examining data/parley-20.08.0/src/practice/configure/specificpracticeoptions.h
Examining data/parley-20.08.0/src/practice/configure/blockoptions.cpp
Examining data/parley-20.08.0/src/practice/configure/generalpracticeoptions.cpp
Examining data/parley-20.08.0/src/practice/configure/thresholdoptions.cpp
Examining data/parley-20.08.0/src/practice/configure/blockoptions.h
Examining data/parley-20.08.0/src/practice/configure/thresholdoptions.h
Examining data/parley-20.08.0/src/practice/configure/specificpracticeoptions.cpp
Examining data/parley-20.08.0/src/practice/configure/configurepracticedialog.h
Examining data/parley-20.08.0/src/practice/configure/configurepracticedialog.cpp
Examining data/parley-20.08.0/src/practice/configure/generalpracticeoptions.h
Examining data/parley-20.08.0/src/practice/conjugationbackendmode.cpp
Examining data/parley-20.08.0/src/practice/flashcardbackendmode.cpp
Examining data/parley-20.08.0/src/practice/abstractwidget.cpp
Examining data/parley-20.08.0/src/practice/sessionmanagerfixed.cpp
Examining data/parley-20.08.0/src/practice/audiobutton.cpp
Examining data/parley-20.08.0/src/practice/multiplechoicebackendmode.cpp
Examining data/parley-20.08.0/src/practice/guifrontend.cpp
Examining data/parley-20.08.0/src/practice/mixedlettersmodewidget.cpp
Examining data/parley-20.08.0/src/statistics/conjugationoptions.cpp
Examining data/parley-20.08.0/src/statistics/lessonstatisticsview.cpp
Examining data/parley-20.08.0/src/statistics/statisticsmodel.cpp
Examining data/parley-20.08.0/src/statistics/statisticslegendwidget.h
Examining data/parley-20.08.0/src/statistics/statisticslegendwidget.cpp
Examining data/parley-20.08.0/src/statistics/statisticsmodel.h
Examining data/parley-20.08.0/src/statistics/statisticsmainwindow.h
Examining data/parley-20.08.0/src/statistics/statisticsmainwindow.cpp
Examining data/parley-20.08.0/src/statistics/conjugationoptions.h
Examining data/parley-20.08.0/src/statistics/lessonstatisticsview.h
FINAL RESULTS:
data/parley-20.08.0/autotests/allpass1test.cpp:58:33: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int docError = docWithLock->open(tempfile.fileName());
data/parley-20.08.0/autotests/parleyunittestutilities.cpp:32:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->open();
data/parley-20.08.0/plasmoid/engine/parley_engine.cpp:54:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
doc->open(QUrl::fromLocalFile(file));
data/parley-20.08.0/src/collection/collection.cpp:34:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_doc->open(*url, KEduVocDocument::FileOpenReadOnly);
data/parley-20.08.0/src/dashboard/dashboard.cpp:265:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!m_mainWindow->parleyDocument()->open(url)) {
data/parley-20.08.0/src/dashboard/dashboard.cpp:283:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!m_mainWindow->parleyDocument()->open(url)) {
data/parley-20.08.0/src/dashboard/dashboard.cpp:320:42: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!m_mainWindow->parleyDocument()->open(url)) {
data/parley-20.08.0/src/exportdialog.cpp:106:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* result = fopen(QFile::encodeName(filename.toLocalFile()).constData(), "w");
data/parley-20.08.0/src/parleyactions.cpp:83:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pAction = KStandardAction::open(recvr, slot, parent);
data/parley-20.08.0/src/parleydocument.cpp:68:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (grammarDoc.open(location) == KEduVocDocument::NoError) {
data/parley-20.08.0/src/parleydocument.cpp:182:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
&& open(QUrl::fromLocalFile( dialog.selectedFiles().first() ))
data/parley-20.08.0/src/parleydocument.cpp:195:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( queryClose() && open(url)) {
data/parley-20.08.0/src/parleydocument.cpp:200:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool ParleyDocument::open(const QUrl & url)
data/parley-20.08.0/src/parleydocument.cpp:217:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
KEduVocDocument::ErrorCode ret = m_doc->open(url, KEduVocDocument::FileDefaultHandling);
data/parley-20.08.0/src/parleydocument.cpp:228:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ret = m_doc->open(url, KEduVocDocument::FileIgnoreLock);
data/parley-20.08.0/src/parleydocument.cpp:322:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open(url)) {
data/parley-20.08.0/src/parleydocument.cpp:574:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open(QUrl::fromLocalFile(fileName)))
data/parley-20.08.0/src/parleydocument.cpp:633:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( tempDoc.open(url) != KEduVocDocument::NoError ) {
data/parley-20.08.0/src/parleydocument.h:64:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open(const QUrl &);
data/parley-20.08.0/src/parleymainwindow.cpp:82:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_document->open(filename);
data/parley-20.08.0/src/parleymainwindow.cpp:390:49: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void ParleyMainWindow::showDocumentActions(bool open, bool edit)
data/parley-20.08.0/src/parleymainwindow.cpp:392:72: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
actionCollection()->action(QStringLiteral("file_new"))->setVisible(open);
data/parley-20.08.0/src/parleymainwindow.cpp:393:73: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
actionCollection()->action(QStringLiteral("file_open"))->setVisible(open);
data/parley-20.08.0/src/parleymainwindow.cpp:394:80: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
actionCollection()->action(QStringLiteral("file_open_recent"))->setVisible(open);
data/parley-20.08.0/src/parleymainwindow.cpp:395:73: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
actionCollection()->action(QStringLiteral("file_ghns"))->setVisible(open);
data/parley-20.08.0/src/parleymainwindow.cpp:396:84: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
actionCollection()->action(QStringLiteral("file_open_downloaded"))->setVisible(open);
data/parley-20.08.0/src/parleymainwindow.h:140:35: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void showDocumentActions(bool open, bool edit);
data/parley-20.08.0/src/practice/imagecache.cpp:73:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly)) {
data/parley-20.08.0/src/practice/imagecache.cpp:110:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file.open(QIODevice::WriteOnly);
data/parley-20.08.0/src/practice/latexrenderer.cpp:69:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ! texFile->open() ) {
data/parley-20.08.0/src/scripts/scripting/parley.cpp:76:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void Parley::open(const QString &filename)
data/parley-20.08.0/src/scripts/scripting/parley.cpp:80:47: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_editor->m_mainWindow->parleyDocument()->open(url);
data/parley-20.08.0/src/scripts/scripting/parley.h:302:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const QString &filename);
data/parley-20.08.0/src/settings/kgametheme/kgametheme.cpp:81:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!themefile.open(QIODevice::ReadOnly)) {
data/parley-20.08.0/src/settings/kgametheme/kgametheme.cpp:112:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!svgFile.open(QIODevice::ReadOnly)) {
ANALYSIS SUMMARY:
Hits = 35
Lines analyzed = 30769 in approximately 0.93 seconds (33252 lines/second)
Physical Source Lines of Code (SLOC) = 18949
Hits@level = [0] 0 [1] 0 [2] 35 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 35 [1+] 35 [2+] 35 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.84706 [1+] 1.84706 [2+] 1.84706 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.