Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/qviaggiatreno-2013.7.3/src/download_viaggiatreno.h Examining data/qviaggiatreno-2013.7.3/src/schedaavvisitrenord.cpp Examining data/qviaggiatreno-2013.7.3/src/dialogo_configurazione.cpp Examining data/qviaggiatreno-2013.7.3/src/schedalistatreni_widget.cpp Examining data/qviaggiatreno-2013.7.3/src/qviaggiatreno.cpp Examining data/qviaggiatreno-2013.7.3/src/schedaavvisitrenord_widget.cpp Examining data/qviaggiatreno-2013.7.3/src/qledindicator.h Examining data/qviaggiatreno-2013.7.3/src/qledindicator.cpp Examining data/qviaggiatreno-2013.7.3/src/dialogo_nomestazione.h Examining data/qviaggiatreno-2013.7.3/src/parser_trenord.h Examining data/qviaggiatreno-2013.7.3/src/items.h Examining data/qviaggiatreno-2013.7.3/src/parser_viaggiatreno_treno.cpp Examining data/qviaggiatreno-2013.7.3/src/parser_viaggiatreno_treno.h Examining data/qviaggiatreno-2013.7.3/src/dialogoconfigurazione.h Examining data/qviaggiatreno-2013.7.3/src/utils.cpp Examining data/qviaggiatreno-2013.7.3/src/qviaggiatrenoslots.cpp Examining data/qviaggiatreno-2013.7.3/src/download_trenord.cpp Examining data/qviaggiatreno-2013.7.3/src/qviaggiatrenoslots_schede.cpp Examining data/qviaggiatreno-2013.7.3/src/items.cpp Examining data/qviaggiatreno-2013.7.3/src/dialogo_configurazione.h Examining data/qviaggiatreno-2013.7.3/src/download_viaggiatreno.cpp Examining data/qviaggiatreno-2013.7.3/src/parser_viaggiatreno_lista.h Examining data/qviaggiatreno-2013.7.3/src/parser_viaggiatreno_base.cpp Examining data/qviaggiatreno-2013.7.3/src/qviaggiatreno.h Examining data/qviaggiatreno-2013.7.3/src/schedalistatreni.cpp Examining data/qviaggiatreno-2013.7.3/src/schedaavvisitrenord.h Examining data/qviaggiatreno-2013.7.3/src/schedatreno.cpp Examining data/qviaggiatreno-2013.7.3/src/schedastazione.h Examining data/qviaggiatreno-2013.7.3/src/config.h Examining data/qviaggiatreno-2013.7.3/src/schedaviaggiatreno.cpp Examining data/qviaggiatreno-2013.7.3/src/dialogo_nomestazione.cpp Examining data/qviaggiatreno-2013.7.3/src/schedatreno_widget.cpp Examining data/qviaggiatreno-2013.7.3/src/download_trenord.h Examining data/qviaggiatreno-2013.7.3/src/schedatreno.h Examining data/qviaggiatreno-2013.7.3/src/parser_viaggiatreno_stazione.h Examining data/qviaggiatreno-2013.7.3/src/schedaviaggiatreno.h Examining data/qviaggiatreno-2013.7.3/src/schedalistatreni.h Examining data/qviaggiatreno-2013.7.3/src/main.cpp Examining data/qviaggiatreno-2013.7.3/src/config.cpp Examining data/qviaggiatreno-2013.7.3/src/utils.h Examining data/qviaggiatreno-2013.7.3/src/schedastazione_widget.cpp Examining data/qviaggiatreno-2013.7.3/src/schedastazione.cpp Examining data/qviaggiatreno-2013.7.3/src/parser_viaggiatreno_base.h Examining data/qviaggiatreno-2013.7.3/src/parser_viaggiatreno_stazione.cpp Examining data/qviaggiatreno-2013.7.3/src/parser_trenord.cpp FINAL RESULTS: data/qviaggiatreno-2013.7.3/src/qviaggiatrenoslots.cpp:67:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). testoLicenza.open(QFile::ReadOnly); data/qviaggiatreno-2013.7.3/src/schedalistatreni.cpp:220:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!fileaperto.open(QIODevice::ReadOnly)) data/qviaggiatreno-2013.7.3/src/schedalistatreni.cpp:310:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!fileDaSalvare.open(QIODevice::WriteOnly)) ANALYSIS SUMMARY: Hits = 3 Lines analyzed = 7817 in approximately 0.20 seconds (38527 lines/second) Physical Source Lines of Code (SLOC) = 4785 Hits@level = [0] 0 [1] 0 [2] 3 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 3 [1+] 3 [2+] 3 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 0.626959 [1+] 0.626959 [2+] 0.626959 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.