Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/rocs-20.08.1/libgraphtheory/edgetype.cpp
Examining data/rocs-20.08.1/libgraphtheory/view.h
Examining data/rocs-20.08.1/libgraphtheory/edgetypestyle.cpp
Examining data/rocs-20.08.1/libgraphtheory/edgetypestyle.h
Examining data/rocs-20.08.1/libgraphtheory/autotests/test_graphoperations.cpp
Examining data/rocs-20.08.1/libgraphtheory/autotests/test_kernelscriptapi.h
Examining data/rocs-20.08.1/libgraphtheory/autotests/test_graphoperations.h
Examining data/rocs-20.08.1/libgraphtheory/autotests/test_kernel.h
Examining data/rocs-20.08.1/libgraphtheory/autotests/test_kernel.cpp
Examining data/rocs-20.08.1/libgraphtheory/autotests/test_kernelscriptapi.cpp
Examining data/rocs-20.08.1/libgraphtheory/nodetypestyle.cpp
Examining data/rocs-20.08.1/libgraphtheory/edge.cpp
Examining data/rocs-20.08.1/libgraphtheory/models/edgetypepropertymodel.h
Examining data/rocs-20.08.1/libgraphtheory/models/edgepropertymodel.h
Examining data/rocs-20.08.1/libgraphtheory/models/nodemodel.cpp
Examining data/rocs-20.08.1/libgraphtheory/models/edgemodel.cpp
Examining data/rocs-20.08.1/libgraphtheory/models/nodetypemodel.cpp
Examining data/rocs-20.08.1/libgraphtheory/models/edgetypemodel.cpp
Examining data/rocs-20.08.1/libgraphtheory/models/nodetypepropertymodel.h
Examining data/rocs-20.08.1/libgraphtheory/models/edgepropertymodel.cpp
Examining data/rocs-20.08.1/libgraphtheory/models/edgetypepropertymodel.cpp
Examining data/rocs-20.08.1/libgraphtheory/models/edgetypemodel.h
Examining data/rocs-20.08.1/libgraphtheory/models/nodetypepropertymodel.cpp
Examining data/rocs-20.08.1/libgraphtheory/models/edgemodel.h
Examining data/rocs-20.08.1/libgraphtheory/models/nodepropertymodel.cpp
Examining data/rocs-20.08.1/libgraphtheory/models/nodepropertymodel.h
Examining data/rocs-20.08.1/libgraphtheory/models/nodetypemodel.h
Examining data/rocs-20.08.1/libgraphtheory/models/nodemodel.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/fileformatmanager.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/rocs1/autotests/testrocs1fileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/rocs1/autotests/testrocs1fileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/rocs1/rocs1fileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/rocs1/rocs1fileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/dot/dotfileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/dot/autotests/testdotfileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/dot/autotests/testdotfileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/dot/dotfileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/dot/dotgrammar.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/dot/dotgrammarhelper.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/dot/dotgrammar.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/dot/dotgrammarhelper.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/fileformatmanager.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/fileformatinterface.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/rocs2/rocs2fileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/rocs2/autotests/testrocs2fileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/rocs2/autotests/testrocs2fileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/rocs2/rocs2fileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/fileformatinterface.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/tgf/autotests/testtgffileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/tgf/autotests/testtgffileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/tgf/tgffileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/tgf/tgffileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/gml/autotests/testgmlfileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/gml/autotests/testgmlfileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/gml/gmlgrammarhelper.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/gml/gmlfileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/gml/gmlfileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/gml/gmlgrammarhelper.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/gml/gmlgrammar.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/gml/gmlgrammar.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/tikz/autotests/testtikzfileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/tikz/autotests/testtikzfileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/fileformats/tikz/tikzfileformat.h
Examining data/rocs-20.08.1/libgraphtheory/fileformats/tikz/tikzfileformat.cpp
Examining data/rocs-20.08.1/libgraphtheory/view.cpp
Examining data/rocs-20.08.1/libgraphtheory/tests/scenetest.cpp
Examining data/rocs-20.08.1/libgraphtheory/editor.h
Examining data/rocs-20.08.1/libgraphtheory/node.cpp
Examining data/rocs-20.08.1/libgraphtheory/logging.cpp
Examining data/rocs-20.08.1/libgraphtheory/edge.h
Examining data/rocs-20.08.1/libgraphtheory/kernel/nodewrapper.cpp
Examining data/rocs-20.08.1/libgraphtheory/kernel/modules/console/consolemodule.cpp
Examining data/rocs-20.08.1/libgraphtheory/kernel/modules/console/consolemodule.h
Examining data/rocs-20.08.1/libgraphtheory/kernel/nodewrapper.h
Examining data/rocs-20.08.1/libgraphtheory/kernel/kernel.cpp
Examining data/rocs-20.08.1/libgraphtheory/kernel/kernel.h
Examining data/rocs-20.08.1/libgraphtheory/kernel/edgewrapper.cpp
Examining data/rocs-20.08.1/libgraphtheory/kernel/documentwrapper.h
Examining data/rocs-20.08.1/libgraphtheory/kernel/edgewrapper.h
Examining data/rocs-20.08.1/libgraphtheory/kernel/documentwrapper.cpp
Examining data/rocs-20.08.1/libgraphtheory/qtquickitems/nodeitem.cpp
Examining data/rocs-20.08.1/libgraphtheory/qtquickitems/qsgarrowheadnode.cpp
Examining data/rocs-20.08.1/libgraphtheory/qtquickitems/nodeitem.h
Examining data/rocs-20.08.1/libgraphtheory/qtquickitems/qsglinenode.h
Examining data/rocs-20.08.1/libgraphtheory/qtquickitems/qsglinenode.cpp
Examining data/rocs-20.08.1/libgraphtheory/qtquickitems/edgeitem.cpp
Examining data/rocs-20.08.1/libgraphtheory/qtquickitems/qsgarrowheadnode.h
Examining data/rocs-20.08.1/libgraphtheory/qtquickitems/edgeitem.h
Examining data/rocs-20.08.1/libgraphtheory/nodetype.h
Examining data/rocs-20.08.1/libgraphtheory/graphdocument.h
Examining data/rocs-20.08.1/libgraphtheory/dialogs/edgetypeproperties.h
Examining data/rocs-20.08.1/libgraphtheory/dialogs/nodetypeproperties.cpp
Examining data/rocs-20.08.1/libgraphtheory/dialogs/nodetypeproperties.h
Examining data/rocs-20.08.1/libgraphtheory/dialogs/nodeproperties.cpp
Examining data/rocs-20.08.1/libgraphtheory/dialogs/propertieswidget.h
Examining data/rocs-20.08.1/libgraphtheory/dialogs/propertieswidget.cpp
Examining data/rocs-20.08.1/libgraphtheory/dialogs/edgetypeproperties.cpp
Examining data/rocs-20.08.1/libgraphtheory/dialogs/propertydelegate.h
Examining data/rocs-20.08.1/libgraphtheory/dialogs/edgeproperties.h
Examining data/rocs-20.08.1/libgraphtheory/dialogs/nodeproperties.h
Examining data/rocs-20.08.1/libgraphtheory/dialogs/propertydelegate.cpp
Examining data/rocs-20.08.1/libgraphtheory/dialogs/edgeproperties.cpp
Examining data/rocs-20.08.1/libgraphtheory/nodetypestyle.h
Examining data/rocs-20.08.1/libgraphtheory/editor.cpp
Examining data/rocs-20.08.1/libgraphtheory/logging_p.h
Examining data/rocs-20.08.1/libgraphtheory/graphdocument.cpp
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/generategraph/generategraphwidget.cpp
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/generategraph/generategraphplugin.h
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/generategraph/generategraphplugin.cpp
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/generategraph/generategraphwidget.h
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/editorpluginmanager.cpp
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/assignvalues/assignvalueswidget.cpp
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/assignvalues/assignvalueswidget.h
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/assignvalues/assignvaluesplugin.cpp
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/assignvalues/assignvaluesplugin.h
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/editorpluginmanager.h
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/editorplugininterface.cpp
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/editorplugininterface.h
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/transformedges/transformedgeswidget.cpp
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/transformedges/transformedgesplugin.cpp
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/transformedges/transformedgeswidget.h
Examining data/rocs-20.08.1/libgraphtheory/editorplugins/transformedges/transformedgesplugin.h
Examining data/rocs-20.08.1/libgraphtheory/modifiers/topology.h
Examining data/rocs-20.08.1/libgraphtheory/modifiers/valueassign.h
Examining data/rocs-20.08.1/libgraphtheory/modifiers/topology.cpp
Examining data/rocs-20.08.1/libgraphtheory/modifiers/valueassign.cpp
Examining data/rocs-20.08.1/libgraphtheory/nodetype.cpp
Examining data/rocs-20.08.1/libgraphtheory/edgetype.h
Examining data/rocs-20.08.1/libgraphtheory/typenames.h
Examining data/rocs-20.08.1/libgraphtheory/node.h
Examining data/rocs-20.08.1/src/ui/edgetypesdelegate.cpp
Examining data/rocs-20.08.1/src/ui/fileformatdialog.h
Examining data/rocs-20.08.1/src/ui/mainwindow.h
Examining data/rocs-20.08.1/src/ui/codeeditorwidget.h
Examining data/rocs-20.08.1/src/ui/nodetypesdelegate.cpp
Examining data/rocs-20.08.1/src/ui/nodetypesdelegate.h
Examining data/rocs-20.08.1/src/ui/scriptoutputwidget.h
Examining data/rocs-20.08.1/src/ui/journalwidget.cpp
Examining data/rocs-20.08.1/src/ui/grapheditorwidget.h
Examining data/rocs-20.08.1/src/ui/scriptoutputwidget.cpp
Examining data/rocs-20.08.1/src/ui/mainwindow.cpp
Examining data/rocs-20.08.1/src/ui/codeeditorwidget.cpp
Examining data/rocs-20.08.1/src/ui/documenttypeswidget.h
Examining data/rocs-20.08.1/src/ui/fileformatdialog.cpp
Examining data/rocs-20.08.1/src/ui/edgetypesdelegate.h
Examining data/rocs-20.08.1/src/ui/sidedockwidget.h
Examining data/rocs-20.08.1/src/ui/documenttypeswidget.cpp
Examining data/rocs-20.08.1/src/ui/sidedockwidget.cpp
Examining data/rocs-20.08.1/src/ui/journalwidget.h
Examining data/rocs-20.08.1/src/ui/grapheditorwidget.cpp
Examining data/rocs-20.08.1/src/autotests/test_project.h
Examining data/rocs-20.08.1/src/autotests/test_project.cpp
Examining data/rocs-20.08.1/src/project/project.cpp
Examining data/rocs-20.08.1/src/project/project.h
Examining data/rocs-20.08.1/src/logging.cpp
Examining data/rocs-20.08.1/src/main.cpp
Examining data/rocs-20.08.1/src/logging_p.h
Examining data/rocs-20.08.1/src/plugins/scriptapi/parameter.h
Examining data/rocs-20.08.1/src/plugins/scriptapi/scriptapimanager.h
Examining data/rocs-20.08.1/src/plugins/scriptapi/scriptapimanager.cpp
Examining data/rocs-20.08.1/src/plugins/scriptapi/scriptapimodel.h
Examining data/rocs-20.08.1/src/plugins/scriptapi/scriptapiwidget.h
Examining data/rocs-20.08.1/src/plugins/scriptapi/method.h
Examining data/rocs-20.08.1/src/plugins/scriptapi/parameter.cpp
Examining data/rocs-20.08.1/src/plugins/scriptapi/object.h
Examining data/rocs-20.08.1/src/plugins/scriptapi/scriptapiwidget.cpp
Examining data/rocs-20.08.1/src/plugins/scriptapi/property.cpp
Examining data/rocs-20.08.1/src/plugins/scriptapi/object.cpp
Examining data/rocs-20.08.1/src/plugins/scriptapi/scriptapimodel.cpp
Examining data/rocs-20.08.1/src/plugins/scriptapi/property.h
Examining data/rocs-20.08.1/src/plugins/scriptapi/method.cpp
FINAL RESULTS:
data/rocs-20.08.1/libgraphtheory/editorplugins/generategraph/generategraphwidget.cpp:563:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
boost::random::uniform_int_distribution<> dist(0, added.size()-1);
data/rocs-20.08.1/libgraphtheory/editorplugins/generategraph/generategraphwidget.cpp:590:12: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
boost::random::uniform_real_distribution<double> dist(0, 1);
data/rocs-20.08.1/libgraphtheory/fileformats/dot/autotests/testdotfileformat.cpp:713:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
testFile.open();
data/rocs-20.08.1/libgraphtheory/fileformats/dot/dotfileformat.cpp:70:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QFile::ReadOnly)) {
data/rocs-20.08.1/libgraphtheory/fileformats/dot/dotfileformat.cpp:89:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QFile::WriteOnly | QFile::Text)) {
data/rocs-20.08.1/libgraphtheory/fileformats/gml/gmlfileformat.cpp:69:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QFile::ReadOnly)) {
data/rocs-20.08.1/libgraphtheory/fileformats/gml/gmlfileformat.cpp:90:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QFile::WriteOnly | QFile::Text)) {
data/rocs-20.08.1/libgraphtheory/fileformats/rocs1/rocs1fileformat.cpp:82:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QIODevice::ReadOnly | QIODevice::Text)) {
data/rocs-20.08.1/libgraphtheory/fileformats/rocs1/rocs1fileformat.cpp:273:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!saveFile.open(QIODevice::WriteOnly)) {
data/rocs-20.08.1/libgraphtheory/fileformats/rocs2/rocs2fileformat.cpp:63:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QFile::ReadOnly)) {
data/rocs-20.08.1/libgraphtheory/fileformats/rocs2/rocs2fileformat.cpp:223:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QFile::WriteOnly | QFile::Text)) {
data/rocs-20.08.1/libgraphtheory/fileformats/tgf/tgffileformat.cpp:67:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QFile::ReadOnly)) {
data/rocs-20.08.1/libgraphtheory/fileformats/tgf/tgffileformat.cpp:117:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QFile::WriteOnly | QFile::Text)) {
data/rocs-20.08.1/libgraphtheory/fileformats/tikz/tikzfileformat.cpp:70:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fileHandle.open(QFile::WriteOnly | QFile::Text)) {
data/rocs-20.08.1/src/autotests/test_project.cpp:48:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
codeFile1.open();
data/rocs-20.08.1/src/autotests/test_project.cpp:49:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
codeFile2.open();
data/rocs-20.08.1/src/autotests/test_project.cpp:69:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
graphFile.open();
data/rocs-20.08.1/src/autotests/test_project.cpp:86:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
projectFile.open();
data/rocs-20.08.1/src/autotests/test_project.cpp:92:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
codeFile.open();
data/rocs-20.08.1/src/autotests/test_project.cpp:135:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
projectFile.open();
data/rocs-20.08.1/src/autotests/test_project.cpp:158:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
codeFileA.open();
data/rocs-20.08.1/src/autotests/test_project.cpp:164:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
codeFileB.open();
data/rocs-20.08.1/src/autotests/test_project.cpp:171:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
projectFile.open();
data/rocs-20.08.1/src/plugins/scriptapi/scriptapimanager.cpp:320:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::ReadOnly)) {
data/rocs-20.08.1/src/project/project.cpp:88:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!tar.open(QIODevice::ReadOnly)) {
data/rocs-20.08.1/src/project/project.cpp:94:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!metaInfoFile.open(QIODevice::ReadOnly)) {
data/rocs-20.08.1/src/project/project.cpp:159:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!metaInfoFile.open(QIODevice::WriteOnly)) {
data/rocs-20.08.1/src/project/project.cpp:426:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tar.open(QIODevice::WriteOnly);
ANALYSIS SUMMARY:
Hits = 28
Lines analyzed = 23592 in approximately 0.63 seconds (37306 lines/second)
Physical Source Lines of Code (SLOC) = 14788
Hits@level = [0] 0 [1] 0 [2] 26 [3] 2 [4] 0 [5] 0
Hits@level+ = [0+] 28 [1+] 28 [2+] 28 [3+] 2 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.89343 [1+] 1.89343 [2+] 1.89343 [3+] 0.135245 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.