Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/plasma-discover-5.19.5/discover/UnityLauncher.h Examining data/plasma-discover-5.19.5/discover/ReadFile.h Examining data/plasma-discover-5.19.5/discover/DiscoverObject.h Examining data/plasma-discover-5.19.5/discover/FeaturedModel.cpp Examining data/plasma-discover-5.19.5/discover/main.cpp Examining data/plasma-discover-5.19.5/discover/DiscoverDeclarativePlugin.cpp Examining data/plasma-discover-5.19.5/discover/autotests/PaginateModelTest.cpp Examining data/plasma-discover-5.19.5/discover/DiscoverDeclarativePlugin.h Examining data/plasma-discover-5.19.5/discover/PaginateModel.h Examining data/plasma-discover-5.19.5/discover/FeaturedModel.h Examining data/plasma-discover-5.19.5/discover/PaginateModel.cpp Examining data/plasma-discover-5.19.5/discover/DiscoverObject.cpp Examining data/plasma-discover-5.19.5/discover/UnityLauncher.cpp Examining data/plasma-discover-5.19.5/discover/ReadFile.cpp Examining data/plasma-discover-5.19.5/libdiscover/utils.h Examining data/plasma-discover-5.19.5/libdiscover/UpdateModel/UpdateModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/UpdateModel/UpdateModel.h Examining data/plasma-discover-5.19.5/libdiscover/UpdateModel/UpdateItem.h Examining data/plasma-discover-5.19.5/libdiscover/UpdateModel/UpdateItem.cpp Examining data/plasma-discover-5.19.5/libdiscover/CachedNetworkAccessManager.cpp Examining data/plasma-discover-5.19.5/libdiscover/DiscoverBackendsFactory.h Examining data/plasma-discover-5.19.5/libdiscover/DiscoverBackendsFactory.cpp Examining data/plasma-discover-5.19.5/libdiscover/ActionsModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/ActionsModel.h Examining data/plasma-discover-5.19.5/libdiscover/Transaction/TransactionModel.h Examining data/plasma-discover-5.19.5/libdiscover/Transaction/AddonList.cpp Examining
data/plasma-discover-5.19.5/libdiscover/Transaction/Transaction.cpp Examining data/plasma-discover-5.19.5/libdiscover/Transaction/TransactionListener.cpp Examining data/plasma-discover-5.19.5/libdiscover/Transaction/TransactionModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/Transaction/Transaction.h Examining data/plasma-discover-5.19.5/libdiscover/Transaction/AddonList.h Examining data/plasma-discover-5.19.5/libdiscover/Transaction/TransactionListener.h Examining data/plasma-discover-5.19.5/libdiscover/appstream/OdrsReviewsBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/appstream/AppStreamUtils.cpp Examining data/plasma-discover-5.19.5/libdiscover/appstream/OdrsReviewsBackend.h Examining data/plasma-discover-5.19.5/libdiscover/appstream/AppStreamIntegration.cpp Examining data/plasma-discover-5.19.5/libdiscover/appstream/AppStreamUtils.h Examining data/plasma-discover-5.19.5/libdiscover/appstream/AppStreamIntegration.h Examining data/plasma-discover-5.19.5/libdiscover/notifiers/BackendNotifierModule.h Examining data/plasma-discover-5.19.5/libdiscover/notifiers/BackendNotifierModule.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyReviewsBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyReviewsBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyResource.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyNotifier.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyTransaction.h Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummySourcesBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummySourcesBackend.cpp Examining 
data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/tests/DummyTest.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/tests/UpdateDummyTest.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/tests/DummyTest.h Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyTransaction.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyResource.h Examining data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyNotifier.h Examining data/plasma-discover-5.19.5/libdiscover/backends/KNSBackend/KNSReviews.h Examining data/plasma-discover-5.19.5/libdiscover/backends/KNSBackend/KNSResource.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/KNSBackend/KNSReviews.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/KNSBackend/KNSBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/KNSBackend/KNSBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/KNSBackend/tests/KNSBackendTest.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/KNSBackend/tests/KNSBackendTest.h Examining data/plasma-discover-5.19.5/libdiscover/backends/KNSBackend/KNSResource.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitSourcesBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/AppPackageKitResource.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/AppPackageKitResource.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/pk-offline-private.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitResource.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitMessages.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitUpdater.cpp Examining 
data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitSourcesBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitResource.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PKTransaction.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/LocalFilePKResource.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitNotifier.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/LocalFilePKResource.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitUpdater.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitMessages.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PKTransaction.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/PackageKitNotifier.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/TransactionSet.h Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/TransactionSet.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/PackageKitBackend/runservice/main.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakJobTransaction.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakSourcesBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakResource.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakSourcesBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakFetchDataJob.cpp Examining 
data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakNotifier.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/tests/FlatpakTest.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakFetchDataJob.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakTransactionThread.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakTransactionThread.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakResource.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakJobTransaction.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakNotifier.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/SnapBackend/SnapResource.h Examining data/plasma-discover-5.19.5/libdiscover/backends/SnapBackend/SnapTransaction.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/SnapBackend/libsnapclient/SnapMacaroonDialog.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/SnapBackend/libsnapclient/SnapAuthHelper.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/SnapBackend/SnapBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/SnapBackend/SnapResource.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/SnapBackend/SnapBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/SnapBackend/SnapTransaction.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdTransaction.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdResource.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdResource.h Examining 
data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdSourcesBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdBackend.h Examining data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdSourcesBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdTransaction.cpp Examining data/plasma-discover-5.19.5/libdiscover/ApplicationAddonsModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/ReviewsBackend/AbstractReviewsBackend.h Examining data/plasma-discover-5.19.5/libdiscover/ReviewsBackend/ReviewsModel.h Examining data/plasma-discover-5.19.5/libdiscover/ReviewsBackend/AbstractReviewsBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/ReviewsBackend/Review.cpp Examining data/plasma-discover-5.19.5/libdiscover/ReviewsBackend/Review.h Examining data/plasma-discover-5.19.5/libdiscover/ReviewsBackend/Rating.cpp Examining data/plasma-discover-5.19.5/libdiscover/ReviewsBackend/Rating.h Examining data/plasma-discover-5.19.5/libdiscover/ReviewsBackend/ReviewsModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/ScreenshotsModel.h Examining data/plasma-discover-5.19.5/libdiscover/tests/CategoriesTest.cpp Examining data/plasma-discover-5.19.5/libdiscover/ApplicationAddonsModel.h Examining data/plasma-discover-5.19.5/libdiscover/resources/SourcesModel.h Examining data/plasma-discover-5.19.5/libdiscover/resources/StoredResultsStream.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/SourcesModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractBackendUpdater.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractResourcesBackend.h Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractBackendUpdater.h Examining data/plasma-discover-5.19.5/libdiscover/resources/PackageState.h Examining 
data/plasma-discover-5.19.5/libdiscover/resources/ResourcesUpdatesModel.h Examining data/plasma-discover-5.19.5/libdiscover/resources/ResourcesUpdatesModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractSourcesBackend.h Examining data/plasma-discover-5.19.5/libdiscover/resources/PackageState.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractResource.h Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractResource.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/StandardBackendUpdater.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/ResourcesModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractKDEDModule.h Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractKDEDModule.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractSourcesBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/AbstractResourcesBackend.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/ResourcesProxyModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/resources/ResourcesModel.h Examining data/plasma-discover-5.19.5/libdiscover/resources/StoredResultsStream.h Examining data/plasma-discover-5.19.5/libdiscover/resources/ResourcesProxyModel.h Examining data/plasma-discover-5.19.5/libdiscover/resources/StandardBackendUpdater.h Examining data/plasma-discover-5.19.5/libdiscover/CachedNetworkAccessManager.h Examining data/plasma-discover-5.19.5/libdiscover/ScreenshotsModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/Category/CategoryModel.h Examining data/plasma-discover-5.19.5/libdiscover/Category/CategoriesReader.cpp Examining data/plasma-discover-5.19.5/libdiscover/Category/Category.cpp Examining data/plasma-discover-5.19.5/libdiscover/Category/Category.h Examining data/plasma-discover-5.19.5/libdiscover/Category/CategoryModel.cpp Examining data/plasma-discover-5.19.5/libdiscover/Category/CategoriesReader.h 
Examining data/plasma-discover-5.19.5/update/main.cpp Examining data/plasma-discover-5.19.5/update/DiscoverUpdate.h Examining data/plasma-discover-5.19.5/update/DiscoverUpdate.cpp Examining data/plasma-discover-5.19.5/notifier/BackendNotifierFactory.h Examining data/plasma-discover-5.19.5/notifier/DiscoverNotifier.h Examining data/plasma-discover-5.19.5/notifier/BackendNotifierFactory.cpp Examining data/plasma-discover-5.19.5/notifier/main.cpp Examining data/plasma-discover-5.19.5/notifier/NotifierItem.h Examining data/plasma-discover-5.19.5/notifier/DiscoverNotifier.cpp Examining data/plasma-discover-5.19.5/notifier/NotifierItem.cpp Examining data/plasma-discover-5.19.5/exporter/main.cpp Examining data/plasma-discover-5.19.5/exporter/MuonExporter.cpp Examining data/plasma-discover-5.19.5/exporter/MuonExporter.h

FINAL RESULTS:

data/plasma-discover-5.19.5/libdiscover/appstream/OdrsReviewsBackend.cpp:125:49: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  {QStringLiteral("locale"), QLocale::system().name()},

data/plasma-discover-5.19.5/libdiscover/appstream/OdrsReviewsBackend.cpp:211:58: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  {QStringLiteral("locale"), QLocale::system().name()},

data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyResource.cpp:34:38: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  , m_iconName((*s_icons)[KRandom::random() % s_icons->size()])

data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyResource.cpp:38:41: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  const int nofScreenshots = KRandom::random() % 5;

data/plasma-discover-5.19.5/libdiscover/backends/DummyBackend/DummyTransaction.cpp:51:52: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  setProgress(qBound(0, progress()+(KRandom::random()%30), 100));

data/plasma-discover-5.19.5/discover/FeaturedModel.cpp:60:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QIODevice::WriteOnly))

data/plasma-discover-5.19.5/discover/FeaturedModel.cpp:76:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QIODevice::ReadOnly)) {

data/plasma-discover-5.19.5/discover/ReadFile.cpp:64:30: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  const auto open = m_file.open(QIODevice::ReadOnly | QIODevice::Text);

data/plasma-discover-5.19.5/discover/ReadFile.cpp:66:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!open)

data/plasma-discover-5.19.5/exporter/MuonExporter.cpp:91:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(f.open(QIODevice::WriteOnly|QIODevice::Text)) {

data/plasma-discover-5.19.5/libdiscover/Category/CategoriesReader.cpp:50:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!menuFile.open(QIODevice::ReadOnly)) {

data/plasma-discover-5.19.5/libdiscover/appstream/OdrsReviewsBackend.cpp:102:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.open(QIODevice::ReadOnly)) {

data/plasma-discover-5.19.5/libdiscover/appstream/OdrsReviewsBackend.cpp:258:25: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (ratingsDocument.open(QIODevice::ReadOnly)) {

data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakBackend.cpp:345:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!tempFile.open()) {

data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakBackend.cpp:424:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QFile::ReadOnly | QFile::Text)) {

data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakResource.cpp:81:38: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.open(QIODevice::WriteOnly)) {

data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdBackend.cpp:179:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QFile::ReadOnly)) {

data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdBackend.cpp:260:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.open(QIODevice::WriteOnly)) {

data/plasma-discover-5.19.5/libdiscover/backends/FwupdBackend/FwupdTransaction.cpp:63:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file->open(QFile::WriteOnly)) {

data/plasma-discover-5.19.5/discover/ReadFile.cpp:89:40: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto it = m_filter.globalMatch(read);

data/plasma-discover-5.19.5/discover/ReadFile.cpp:96:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_contents += read;

data/plasma-discover-5.19.5/exporter/MuonExporter.cpp:56:35: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const QVariant val = prop.read(res);

data/plasma-discover-5.19.5/libdiscover/Transaction/TransactionListener.cpp:91:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  , m_oldValue(m_prop.read(obj))

data/plasma-discover-5.19.5/libdiscover/Transaction/TransactionListener.cpp:97:42: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const QVariant newValue = m_prop.read(m_object);

data/plasma-discover-5.19.5/libdiscover/backends/FlatpakBackend/FlatpakBackend.cpp:121:5: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(022);

data/plasma-discover-5.19.5/libdiscover/backends/SnapBackend/SnapResource.cpp:151:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto theIcon = QVariant::fromValue<QImage>(reader.read());

data/plasma-discover-5.19.5/libdiscover/resources/ResourcesProxyModel.cpp:478:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return prop.read(rating);

data/plasma-discover-5.19.5/libdiscover/resources/ResourcesProxyModel.cpp:503:45: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return m->property(propidx).read(resource);

ANALYSIS SUMMARY:

Hits = 28
Lines analyzed = 25625 in approximately 0.73 seconds (35290 lines/second)
Physical Source Lines of Code (SLOC) = 18154
Hits@level = [0] 0 [1] 9 [2] 14 [3] 3 [4] 2 [5] 0
Hits@level+ = [0+] 28 [1+] 28 [2+] 19 [3+] 5 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 1.54236 [1+] 1.54236 [2+] 1.0466 [3+] 0.275421 [4+] 0.110169 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.