Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/structure-synth-1.5.0/SyntopiaCore/Exceptions/Exception.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Misc/MiniParser.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Misc/ColorUtils.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/Misc/Version.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/Misc/ColorUtils.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Misc/Persistence.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Misc/Persistence.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/Misc/MiniParser.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/Misc/Version.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Logging/ListWidgetLogger.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/Logging/Logging.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/Logging/Logging.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Logging/ListWidgetLogger.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Math/Vector3.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Math/Random.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Math/Matrix4.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/Math/Matrix4.h
Examining data/structure-synth-1.5.0/SyntopiaCore/Math/Random.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/Math/Vector3.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Sphere.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Line.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Triangle.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Grid.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Grid.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Dot.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Object3D.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Object3D.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/RaytraceTriangle.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/EngineWidget.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Box.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/EngineWidget.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Mesh.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Triangle.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Line.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Box.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/RaytraceTriangle.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Mesh.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/RenderThread.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/AtomicCounter.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/VoxelStepper.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/RenderThread.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/AtomicCounter.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/Sampler.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/RayTracer.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/ProgressiveOutput.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/VoxelStepper.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/RayTracer.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/Sampler.cpp
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Dot.h
Examining data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Sphere.h
Examining data/structure-synth-1.5.0/resource.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/PrimitiveClass.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/TransformationLoop.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/ColorPool.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/State.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/Builder.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/ExecutionStack.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/RuleRef.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/PrimitiveRule.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/Transformation.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/Transformation.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rendering/Renderer.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rendering/ObjRenderer.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rendering/OpenGLRenderer.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rendering/Renderer.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rendering/OpenGLRenderer.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rendering/ObjRenderer.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/TransformationLoop.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/ColorPool.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/RandomStreams.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/CustomRule.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/Builder.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/RandomStreams.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/PrimitiveRule.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rule.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/RuleRef.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/RuleSet.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/Action.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/State.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/RuleSet.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/Rule.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/PrimitiveClass.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/AmbiguousRule.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/ExecutionStack.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/CustomRule.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Model/Action.h
Examining data/structure-synth-1.5.0/StructureSynth/Model/AmbiguousRule.h
Examining data/structure-synth-1.5.0/StructureSynth/JavaScriptSupport/JavaScriptParser.h
Examining data/structure-synth-1.5.0/StructureSynth/JavaScriptSupport/JavaScriptBuilder.cpp
Examining data/structure-synth-1.5.0/StructureSynth/JavaScriptSupport/JavaScriptBuilder.h
Examining data/structure-synth-1.5.0/StructureSynth/JavaScriptSupport/Debug.cpp
Examining data/structure-synth-1.5.0/StructureSynth/JavaScriptSupport/JavaScriptParser.cpp
Examining data/structure-synth-1.5.0/StructureSynth/JavaScriptSupport/Debug.h
Examining data/structure-synth-1.5.0/StructureSynth/Parser/Preprocessor.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Parser/Tokenizer.h
Examining data/structure-synth-1.5.0/StructureSynth/Parser/EisenParser.h
Examining data/structure-synth-1.5.0/StructureSynth/Parser/Tokenizer.cpp
Examining data/structure-synth-1.5.0/StructureSynth/Parser/Preprocessor.h
Examining data/structure-synth-1.5.0/StructureSynth/Parser/EisenParser.cpp
Examining data/structure-synth-1.5.0/StructureSynth/GUI/VariableEditor.h
Examining data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.h
Examining data/structure-synth-1.5.0/StructureSynth/GUI/VariableEditor.cpp
Examining data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.cpp
Examining data/structure-synth-1.5.0/StructureSynth/GUI/TemplateExportDialog.cpp
Examining data/structure-synth-1.5.0/StructureSynth/GUI/TemplateExportDialog.h
Examining data/structure-synth-1.5.0/ThirdPartyCode/MersenneTwister/MersenneTwister.h
Examining data/structure-synth-1.5.0/Main.cpp

FINAL RESULTS:

data/structure-synth-1.5.0/StructureSynth/Model/AmbiguousRule.cpp:39:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random <= accWeight) {

data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/RenderThread.cpp:92:23: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (Vector3f::dot(random, objectNormal)<0) random = random*-1.0; // Only check away from surface.

data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/RenderThread.cpp:92:57: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (Vector3f::dot(random, objectNormal)<0) random = random*-1.0; // Only check away from surface.

data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/RenderThread.cpp:93:5: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  random.normalize();

data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/RenderThread.cpp:96:71: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  QList<Object3D*>* list = accelerator->setupRay(objectIntersection,random, maxT);

data/structure-synth-1.5.0/SyntopiaCore/GLEngine/Raytracer/RenderThread.cpp:99:24: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ri.lineDirection = random;

data/structure-synth-1.5.0/SyntopiaCore/Math/Random.h:92:6: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(seed);

data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.cpp:327:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void MainWindow::open()

data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.cpp:382:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QFile::ReadOnly | QFile::Text)) {

data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.cpp:604:56: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  connect(openAction, SIGNAL(triggered()), this, SLOT(open()));

data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.cpp:920:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QFile::WriteOnly | QFile::Text)) {

data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.cpp:1122:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QFile::ReadOnly | QFile::Text)) {

data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.cpp:1427:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QFile::WriteOnly | QFile::Text)) {

data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.cpp:1767:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QFile::WriteOnly | QFile::Text)) {

data/structure-synth-1.5.0/StructureSynth/GUI/MainWindow.h:112:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open();

data/structure-synth-1.5.0/StructureSynth/GUI/TemplateExportDialog.cpp:973:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.open(QIODevice::WriteOnly)) {

data/structure-synth-1.5.0/StructureSynth/GUI/TemplateExportDialog.cpp:1046:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QFile::WriteOnly | QFile::Text)) {

data/structure-synth-1.5.0/StructureSynth/JavaScriptSupport/JavaScriptBuilder.cpp:110:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QFile::ReadOnly | QFile::Text)) {

data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.cpp:46:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly)) {

data/structure-synth-1.5.0/ThirdPartyCode/MersenneTwister/MersenneTwister.h:269:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* urandom = fopen( "/dev/urandom", "rb" );

data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.cpp:22:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void Template::read(QString xml) {

data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.cpp:44:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void Template::read(QFile& file) {

data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.cpp:133:21: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  workingTemplate.read(file);

data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.h:50:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  Template(QFile& file) { read(file); }

data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.h:51:35: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  Template(QString xmlString) { read(xmlString); }

data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.h:53:10: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(QFile& file);

data/structure-synth-1.5.0/StructureSynth/Model/Rendering/TemplateRenderer.h:54:10: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(QString xmlString);

ANALYSIS SUMMARY:

Hits = 27
Lines analyzed = 14103 in approximately 0.37 seconds (38396 lines/second)
Physical Source Lines of Code (SLOC) = 10222
Hits@level = [0] 1 [1] 7 [2] 13 [3] 7 [4] 0 [5] 0
Hits@level+ = [0+] 28 [1+] 27 [2+] 20 [3+] 7 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 2.73919 [1+] 2.64136 [2+] 1.95656 [3+] 0.684797 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.