Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/steptalk-0.10.0/ApplicationScripting/Source/NSObject+NibLoading.h Examining data/steptalk-0.10.0/ApplicationScripting/Source/NSTextView+ScriptExecution.h Examining data/steptalk-0.10.0/ApplicationScripting/Source/STAppScriptingSupport.h Examining data/steptalk-0.10.0/ApplicationScripting/Source/STEnvironment+additions.h Examining data/steptalk-0.10.0/ApplicationScripting/Source/NSApplication+additions.h Examining data/steptalk-0.10.0/ApplicationScripting/Source/STApplicationScriptingController.h Examining data/steptalk-0.10.0/ApplicationScripting/Source/STScriptsPanel.h Examining data/steptalk-0.10.0/ApplicationScripting/Source/STTranscript.h Examining data/steptalk-0.10.0/ApplicationScripting/Support/STScriptingSupport.h Examining data/steptalk-0.10.0/ApplicationScripting/Support/test/STScriptingSupport.h Examining data/steptalk-0.10.0/Applications/Conversation/AppController.h Examining data/steptalk-0.10.0/Applications/Conversation/ConversationController.h Examining data/steptalk-0.10.0/Applications/Conversation/InputText.h Examining data/steptalk-0.10.0/Applications/Conversation/NSObject+NibLoading.h Examining data/steptalk-0.10.0/Applications/Conversation/NSTextView+additions.h Examining data/steptalk-0.10.0/Applications/ScriptPapers/AppController.h Examining data/steptalk-0.10.0/Applications/ScriptPapers/NSObject+NibLoading.h Examining data/steptalk-0.10.0/Applications/ScriptPapers/NSTextView+additions.h Examining data/steptalk-0.10.0/Applications/ScriptPapers/ScriptPaper.h Examining data/steptalk-0.10.0/Applications/ScriptPapers/ScriptPaperController.h Examining data/steptalk-0.10.0/Examples/Shell/STShell.h Examining data/steptalk-0.10.0/Finders/ApplicationFinder/STApplicationFinder.h Examining data/steptalk-0.10.0/Finders/DistributedFinder/STDistributedFinder.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/NSFileManager+additions.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/NSObject+additions.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STActor.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STApplicationConversation.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STContext.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STBehaviourInfo.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STBundleInfo.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STClassInfo.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STConversation.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STEnvironment.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STEnvironmentServer.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STExterns.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STMethod.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STFileScript.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STFunctions.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STLanguageManager.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STObjCRuntime.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STObjectReference.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STRemoteConversation.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STScript.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STScriptObject.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STScripting.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STScriptingServer.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STScriptsManager.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STSelector.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STStepTalkManager.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STUndefinedObject.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/StepTalk.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/StepTalkScriptingInfo.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/old/STDistantEnvironment.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/old/STLanguage.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/NSInvocation+additions.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/NSNumber+additions.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STEngine.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STEnvironmentDescription.h Examining data/steptalk-0.10.0/Frameworks/StepTalk/STStructure.h Examining data/steptalk-0.10.0/Frameworks/StepTalkViews/STScriptEditor.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/StepTalkPalette/StepTalkClassInspector.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/StepTalkPalette/StepTalkConnectionInspector.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/StepTalkPalette/StepTalkInspector.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/StepTalkPalette/StepTalkPalette.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/libStepTalkView/SEAction.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/libStepTalkView/StepTalkClass.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/libStepTalkView/StepTalkMetadatas.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/libStepTalkView/StepTalkMethod.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/libStepTalkView/StepTalkObject.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/libStepTalkView/StepTalkProxy.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/libStepTalkView/StepTalkRuntime.h Examining data/steptalk-0.10.0/Incubator/STPalette-1.2/libStepTalkView/StepTalkView.h Examining data/steptalk-0.10.0/Languages/Guile/GuileEngine.h Examining data/steptalk-0.10.0/Languages/MyLanguage/MyLanguageEngine.h Examining data/steptalk-0.10.0/Languages/Smalltalk/Externs.h Examining data/steptalk-0.10.0/Languages/Smalltalk/NSArray+additions.h Examining data/steptalk-0.10.0/Languages/Smalltalk/NSObject+additions.h Examining data/steptalk-0.10.0/Languages/Smalltalk/NSString+additions.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STCompiledScript.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STCompilerUtils.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STGrammar.m.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STMessage.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STSelector+additions.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STSmalltalkScriptObject.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STTokenTypes.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STUndefinedObject+additions.h Examining data/steptalk-0.10.0/Languages/Smalltalk/SmalltalkEngine.h Examining data/steptalk-0.10.0/Languages/Smalltalk/NSNumber+additions.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STBlock.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STBlockContext.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STBytecodeInterpreter.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STBytecodes.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STCompiledCode.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STCompiledMethod.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STCompiler.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STExecutionContext.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STLiterals.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STMethodContext.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STSourceReader.h Examining data/steptalk-0.10.0/Languages/Smalltalk/STStack.h Examining data/steptalk-0.10.0/Modules/AppKit/Functions.h Examining data/steptalk-0.10.0/Modules/AppKit/NSApplication+additions.h Examining data/steptalk-0.10.0/Modules/AppKit/STAppKitModule.h Examining data/steptalk-0.10.0/Modules/Foundation/Functions.h Examining data/steptalk-0.10.0/Modules/Foundation/STFoundationModule.h Examining data/steptalk-0.10.0/Modules/GDL2/STGDL2Module.h Examining data/steptalk-0.10.0/Modules/ObjectiveC/NSObject+additions.h Examining data/steptalk-0.10.0/Modules/ObjectiveC/ObjectiveCModule.h Examining data/steptalk-0.10.0/Modules/ObjectiveC/ObjectiveCRuntime.h Examining data/steptalk-0.10.0/Modules/ReadlineTranscript/ReadlineTranscript.h Examining data/steptalk-0.10.0/Modules/ReadlineTranscript/ReadlineTranscriptModule.h Examining data/steptalk-0.10.0/Modules/SimpleTranscript/SimpleTranscript.h Examining data/steptalk-0.10.0/Modules/SimpleTranscript/SimpleTranscriptModule.h Examining data/steptalk-0.10.0/Tools/STEnvironmentProcess.h Examining data/steptalk-0.10.0/Tools/STExecutor.h FINAL RESULTS: data/steptalk-0.10.0/Frameworks/StepTalk/STRemoteConversation.h:50:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). - (void)open; ANALYSIS SUMMARY: Hits = 1 Lines analyzed = 4720 in approximately 0.21 seconds (22167 lines/second) Physical Source Lines of Code (SLOC) = 1828 Hits@level = [0] 0 [1] 0 [2] 1 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 1 [1+] 1 [2+] 1 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 0.547046 [1+] 0.547046 [2+] 0.547046 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.