Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/praelector-0.5/src/aide.cpp
Examining data/praelector-0.5/src/aide.h
Examining data/praelector-0.5/src/ch.cpp
Examining data/praelector-0.5/src/ch.h
Examining data/praelector-0.5/src/dialogue.cpp
Examining data/praelector-0.5/src/dialogue.h
Examining data/praelector-0.5/src/flexfr.cpp
Examining data/praelector-0.5/src/flexfr.h
Examining data/praelector-0.5/src/handicap.cpp
Examining data/praelector-0.5/src/handicap.h
Examining data/praelector-0.5/src/irregs.cpp
Examining data/praelector-0.5/src/irregs.h
Examining data/praelector-0.5/src/lemmatiseur.cpp
Examining data/praelector-0.5/src/lemmatiseur.h
Examining data/praelector-0.5/src/lemme.cpp
Examining data/praelector-0.5/src/lemme.h
Examining data/praelector-0.5/src/main.cpp
Examining data/praelector-0.5/src/mainwindow.cpp
Examining data/praelector-0.5/src/mainwindow.h
Examining data/praelector-0.5/src/modele.cpp
Examining data/praelector-0.5/src/modele.h
Examining data/praelector-0.5/src/mot.cpp
Examining data/praelector-0.5/src/mot.h
Examining data/praelector-0.5/src/motflechi.cpp
Examining data/praelector-0.5/src/motflechi.h
Examining data/praelector-0.5/src/phrase.cpp
Examining data/praelector-0.5/src/phrase.h
Examining data/praelector-0.5/src/regle.cpp
Examining data/praelector-0.5/src/regle.h
Examining data/praelector-0.5/src/requete.cpp
Examining data/praelector-0.5/src/requete.h
Examining data/praelector-0.5/src/semantique.cpp
Examining data/praelector-0.5/src/semantique.h
FINAL RESULTS:
data/praelector-0.5/src/aide.cpp:49:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QFile::ReadOnly);
data/praelector-0.5/src/lemmatiseur.cpp:559:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open(QFile::ReadOnly);
data/praelector-0.5/src/mainwindow.cpp:363:4: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f.open (QIODevice::ReadOnly|QIODevice::Text);
data/praelector-0.5/src/mainwindow.cpp:438:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fTrace.open(QIODevice::WriteOnly);
data/praelector-0.5/src/mainwindow.cpp:444:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fTrace.open(QIODevice::ReadOnly);
data/praelector-0.5/src/mainwindow.cpp:490:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fTrace.open(QIODevice::WriteOnly);
data/praelector-0.5/src/phrase.cpp:194:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
flang.open (QIODevice::ReadOnly|QIODevice::Text);
data/praelector-0.5/src/phrase.cpp:497:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fla.open (QIODevice::WriteOnly|QIODevice::Append);
data/praelector-0.5/src/phrase.cpp:501:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ffr.open (QIODevice::WriteOnly|QIODevice::Append);
data/praelector-0.5/src/phrase.cpp:836:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fp.open (QIODevice::ReadOnly|QIODevice::Text))
data/praelector-0.5/src/phrase.cpp:851:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fp.open (QIODevice::ReadOnly|QIODevice::Text))
data/praelector-0.5/src/semantique.cpp:213:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fp.open (QIODevice::ReadOnly|QIODevice::Text))
data/praelector-0.5/src/semantique.cpp:353:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fp.open (QIODevice::WriteOnly|QIODevice::Text))
ANALYSIS SUMMARY:
Hits = 13
Lines analyzed = 12741 in approximately 0.30 seconds (42605 lines/second)
Physical Source Lines of Code (SLOC) = 9647
Hits@level = [0] 0 [1] 0 [2] 13 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 13 [1+] 13 [2+] 13 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.34757 [1+] 1.34757 [2+] 1.34757 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.