Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfAuthor.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfAuthor.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfBinary.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfBinary.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfBody.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfBody.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfBookinfo.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfBookinfo.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfContentrating.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfContentrating.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfData.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfData.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfDatabaseref.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfDatabaseref.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfDocument.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfDocument.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfDocumentinfo.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfDocumentinfo.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfFrame.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfFrame.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfJump.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfJump.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfLanguage.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfLanguage.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfMetadata.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfMetadata.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfPage.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfPage.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfPublishinfo.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfPublishinfo.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfReference.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfReference.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfReferences.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfReferences.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfSequence.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfSequence.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfStyleSheet.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfStyleSheet.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfTextarea.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfTextarea.h
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfTextlayer.cpp
Examining data/peruse-1.2+dfsg+20191117/src/acbf/AcbfTextlayer.h
Examining data/peruse-1.2+dfsg+20191117/src/app/main.cpp
Examining data/peruse-1.2+dfsg+20191117/src/common/peruse_helpers.cpp
Examining data/peruse-1.2+dfsg+20191117/src/common/peruse_helpers.h
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/BalooContentLister.cpp
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/BalooContentLister.h
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/ContentList.cpp
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/ContentList.h
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/ContentListerBase.cpp
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/ContentListerBase.h
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/ContentQuery.cpp
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/ContentQuery.h
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/FilesystemContentLister.cpp
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/FilesystemContentLister.h
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/qmlplugin.cpp
Examining data/peruse-1.2+dfsg+20191117/src/contentlist/qmlplugin.h
Examining data/peruse-1.2+dfsg+20191117/src/creator/main.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveImageProvider.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveImageProvider.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/BookDatabase.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/BookDatabase.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/BookListModel.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/BookListModel.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/BookModel.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/BookModel.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/CategoryEntriesModel.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/CategoryEntriesModel.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/ComicCoverImageProvider.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/FilterProxy.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/FilterProxy.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/FolderBookModel.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/FolderBookModel.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/PDFCoverImageProvider.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/PDFCoverImageProvider.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/PeruseConfig.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/PeruseConfig.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/PreviewImageProvider.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/PreviewImageProvider.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/PropertyContainer.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/PropertyContainer.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/qmlplugin.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/qmlplugin.h
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp
Examining data/peruse-1.2+dfsg+20191117/src/qtquick/ComicCoverImageProvider.cpp

FINAL RESULTS:

data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp:186:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(d->archive->open(QIODevice::ReadOnly))
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp:446:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  tmpFile.open();
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp:452:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  archive->open(QIODevice::ReadWrite);
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp:500:28: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(destinationFile.open(QIODevice::WriteOnly))
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp:503:27: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(originFile.open(QIODevice::ReadOnly)) {
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp:608:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  d->archive->open(QIODevice::ReadWrite);
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp:611:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  d->archive->open(QIODevice::ReadOnly);
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp:680:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  model->d->archive->open(QIODevice::ReadWrite);
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveImageProvider.cpp:53:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  b.open(QIODevice::ReadOnly);
data/peruse-1.2+dfsg+20191117/src/qtquick/BookDatabase.cpp:54:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!db.open()) {
data/peruse-1.2+dfsg+20191117/src/qtquick/ComicCoverImageProvider.cpp:91:28: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(archive && archive->open(QIODevice::ReadOnly)) {
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveBookModel.cpp:507:54: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  destinationFile.write(originFile.read(65536));
data/peruse-1.2+dfsg+20191117/src/qtquick/ArchiveImageProvider.cpp:55:31: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool success = reader.read(image);

ANALYSIS SUMMARY:

Hits = 13
Lines analyzed = 14203 in approximately 0.38 seconds (37824 lines/second)
Physical Source Lines of Code (SLOC) = 8182
Hits@level = [0] 0 [1] 2 [2] 11 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 13 [1+] 13 [2+] 11 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.58885 [1+] 1.58885 [2+] 1.34441 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.