Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/barada-pam-0.5/HOTPWindow.h
Examining data/barada-pam-0.5/HOTP.cpp
Examining data/barada-pam-0.5/Util.h
Examining data/barada-pam-0.5/HOTPCredentials.cpp
Examining data/barada-pam-0.5/HOTPCredentials.h
Examining data/barada-pam-0.5/barada-add.cpp
Examining data/barada-pam-0.5/HOTPWindow.cpp
Examining data/barada-pam-0.5/Util.cpp
Examining data/barada-pam-0.5/pam_barada.cpp
Examining data/barada-pam-0.5/HOTP.h
Examining data/barada-pam-0.5/HexTest.cpp

FINAL RESULTS:

data/barada-pam-0.5/HOTPCredentials.cpp:93:3:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(pinPath.c_str(), S_IRUSR | S_IWUSR);
data/barada-pam-0.5/HOTPCredentials.cpp:113:3:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(counterPath.c_str(), S_IRUSR | S_IWUSR);
data/barada-pam-0.5/barada-add.cpp:73:3:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(DEFAULT_PATH, S_IRUSR | S_IWUSR);
data/barada-pam-0.5/barada-add.cpp:76:3:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  chmod((string(DEFAULT_PATH) + "/" + argv[1]).c_str(), S_IRUSR | S_IWUSR);
data/barada-pam-0.5/HOTP.cpp:43:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(pinActivatedKey, key, keyLength);
data/barada-pam-0.5/HOTP.cpp:53:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char counterData[sizeof(counter)];
data/barada-pam-0.5/HOTP.cpp:56:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hmac[HMAC_SIZE];
data/barada-pam-0.5/HOTPCredentials.cpp:121:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  counterFile.open(counterPath.c_str());
data/barada-pam-0.5/HOTPCredentials.cpp:141:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  keyFile.open(keyPath.c_str());
data/barada-pam-0.5/HOTPCredentials.cpp:158:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  pinFile.open(pinPath.c_str());
data/barada-pam-0.5/HOTPCredentials.h:37:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char key[KEY_SIZE];
data/barada-pam-0.5/HexTest.cpp:13:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[16];
data/barada-pam-0.5/HexTest.cpp:14:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char res[16];
data/barada-pam-0.5/Util.cpp:55:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(output+(i*3), "%02X ", *(buf+i));
data/barada-pam-0.5/Util.cpp:66:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char nibble[9];
data/barada-pam-0.5/Util.cpp:72:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nibble, hexString.c_str()+(i*8), 8);
data/barada-pam-0.5/barada-add.cpp:65:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char key[KEY_SIZE];

ANALYSIS SUMMARY:

Hits = 17
Lines analyzed = 874 in approximately 0.06 seconds (13886 lines/second)
Physical Source Lines of Code (SLOC) = 533
Hits@level = [0]  12 [1]   0 [2]  13 [3]   0 [4]   0 [5]   4
Hits@level+ = [0+]  29 [1+]  17 [2+]  17 [3+]   4 [4+]   4 [5+]   4
Hits/KSLOC@level+ = [0+] 54.409 [1+] 31.8949 [2+] 31.8949 [3+] 7.50469 [4+] 7.50469 [5+] 7.50469
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.