Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dlang-openssl-2.0.0+1.1.0h/C/aes.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/asn1.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/asn1_mac.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/asn1t.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/async.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/bio.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/blowfish.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/bn.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/buffer.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/camellia.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/cast.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/cmac.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/cms.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/comp.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/conf.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/conf_api.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/crypto.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ct.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/des.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/des_old.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/dh.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/dsa.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/dso.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/dtls1.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/e_os2.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ebcdic.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ec.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ecdh.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ecdsa.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/engine.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/err.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/evp.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/hmac.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/idea.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/kdf.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/krb5_asn.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/kssl.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/lhash.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/md2.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/md4.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/md5.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/mdc2.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/modes.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/obj_mac.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/objects.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ocsp.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/opensslconf.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/opensslv.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ossl_typ.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/pem.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/pem2.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/pkcs12.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/pkcs7.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/pqueue.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/rand.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/rc2.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/rc4.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/rc5.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ripemd.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/rsa.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/safestack.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/seed.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/sha.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/srp.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/srtp.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ssl.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ssl2.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ssl23.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ssl3.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/stack.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/symhacks.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/tls1.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ts.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/txt_db.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ui.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/ui_compat.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/whrlpool.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/x509.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/x509_vfy.h
Examining data/dlang-openssl-2.0.0+1.1.0h/C/x509v3.h

FINAL RESULTS:

data/dlang-openssl-2.0.0+1.1.0h/C/bio.h:744:29: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    int (*gets) (BIO *, char *, int));
data/dlang-openssl-2.0.0+1.1.0h/C/des_old.h:182:9: [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327).
  Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
    #define crypt(b,s)\
data/dlang-openssl-2.0.0+1.1.0h/C/des_old.h:284:9: [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327).
  Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
    #define crypt(b,s)\
data/dlang-openssl-2.0.0+1.1.0h/C/evp.h:676:19: [4] (crypto) EVP_des_ecb:
  DES only supports a 56-bit keysize, which is too small given today's computers (CWE-327).
  Use a different patent-free encryption algorithm with a larger keysize, such as 3DES or AES.
    const EVP_CIPHER *EVP_des_ecb(void);
data/dlang-openssl-2.0.0+1.1.0h/C/evp.h:682:11: [4] (crypto) EVP_des_cfb:
  DES only supports a 56-bit keysize, which is too small given today's computers (CWE-327).
  Use a different patent-free encryption algorithm with a larger keysize, such as 3DES or AES.
    # define EVP_des_cfb EVP_des_cfb64
data/dlang-openssl-2.0.0+1.1.0h/C/evp.h:691:19: [4] (crypto) EVP_des_ofb:
  DES only supports a 56-bit keysize, which is too small given today's computers (CWE-327).
  Use a different patent-free encryption algorithm with a larger keysize, such as 3DES or AES.
    const EVP_CIPHER *EVP_des_ofb(void);
data/dlang-openssl-2.0.0+1.1.0h/C/evp.h:694:19: [4] (crypto) EVP_des_cbc:
  DES only supports a 56-bit keysize, which is too small given today's computers (CWE-327).
  Use a different patent-free encryption algorithm with a larger keysize, such as 3DES or AES.
    const EVP_CIPHER *EVP_des_cbc(void);
data/dlang-openssl-2.0.0+1.1.0h/C/evp.h:697:19: [4] (crypto) EVP_desx_cbc:
  DES only supports a 56-bit keysize, which is too small given today's computers (CWE-327).
  Use a different patent-free encryption algorithm with a larger keysize, such as 3DES or AES.
    const EVP_CIPHER *EVP_desx_cbc(void);
data/dlang-openssl-2.0.0+1.1.0h/C/evp.h:707:19: [4] (crypto) EVP_rc4_40:
  These keysizes are too small given today's computers (CWE-327).
  Use a different patent-free encryption algorithm with a larger keysize, such as 3DES or AES.
    const EVP_CIPHER *EVP_rc4_40(void);
data/dlang-openssl-2.0.0+1.1.0h/C/evp.h:722:19: [4] (crypto) EVP_rc2_40_cbc:
  These keysizes are too small given today's computers (CWE-327).
  Use a different patent-free encryption algorithm with a larger keysize, such as 3DES or AES.
    const EVP_CIPHER *EVP_rc2_40_cbc(void);
data/dlang-openssl-2.0.0+1.1.0h/C/evp.h:723:19: [4] (crypto) EVP_rc2_64_cbc:
  These keysizes are too small given today's computers (CWE-327).
  Use a different patent-free encryption algorithm with a larger keysize, such as 3DES or AES.
    const EVP_CIPHER *EVP_rc2_64_cbc(void);
data/dlang-openssl-2.0.0+1.1.0h/C/camellia.h:72:45: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/camellia.h:72:64: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/camellia.h:74:39: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[CAMELLIA_BLOCK_SIZE],
data/dlang-openssl-2.0.0+1.1.0h/C/camellia.h:75:39: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
data/dlang-openssl-2.0.0+1.1.0h/C/des.h:28:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef unsigned char DES_cblock[8];
data/dlang-openssl-2.0.0+1.1.0h/C/des.h:29:30: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef /* const */ unsigned char const_DES_cblock[8];
data/dlang-openssl-2.0.0+1.1.0h/C/des_old.h:123:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef unsigned char _ossl_old_des_cblock[8];
data/dlang-openssl-2.0.0+1.1.0h/C/ebcdic.h:25:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    extern const unsigned char os_toascii[256];
data/dlang-openssl-2.0.0+1.1.0h/C/ebcdic.h:26:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    extern const unsigned char os_toebcdic[256];
data/dlang-openssl-2.0.0+1.1.0h/C/err.h:45:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *err_data[ERR_NUM_ERRORS];
data/dlang-openssl-2.0.0+1.1.0h/C/err.h:47:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const char *err_file[ERR_NUM_ERRORS];
data/dlang-openssl-2.0.0+1.1.0h/C/evp.h:370:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH];
data/dlang-openssl-2.0.0+1.1.0h/C/kssl.h:131:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char text[KSSL_ERR_MAX+1];
data/dlang-openssl-2.0.0+1.1.0h/C/md2.h:28:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char data[MD2_BLOCK];
data/dlang-openssl-2.0.0+1.1.0h/C/mdc2.h:27:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char data[MDC2_BLOCK];
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:15:44: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef void (*block128_f) (const unsigned char in[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:16:38: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char out[16], const void *key);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:18:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:18:61: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:20:36: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16], int enc);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:22:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:22:61: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:24:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const unsigned char ivec[16]);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:26:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:26:61: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:28:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const unsigned char ivec[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:29:36: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char cmac[16]);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:31:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:31:62: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:33:37: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16], block128_f block);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:34:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:34:62: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:36:37: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16], block128_f block);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:38:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:38:62: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:40:37: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:41:37: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ecount_buf[16], unsigned int *num,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:44:49: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:44:68: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:46:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:47:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ecount_buf[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:50:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:50:62: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:52:37: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16], int *num,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:55:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:55:62: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:57:37: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16], int *num,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:59:45: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:59:64: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:61:39: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16], int *num,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:63:45: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:63:64: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:65:39: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16], int *num,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:68:51: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:69:45: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char *out, size_t len,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:70:62: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const void *key, unsigned char ivec[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:72:45: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:72:64: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:74:39: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16], cbc128_f cbc);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:75:51: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:76:45: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char *out, size_t len,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:77:62: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const void *key, unsigned char ivec[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:79:45: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:79:64: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:81:39: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ivec[16], cbc128_f cbc);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:83:55: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:84:49: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char *out, size_t len,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:86:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char ivec[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:88:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:88:68: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:90:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char ivec[16], cbc128_f cbc);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:91:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:92:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char *out, size_t len,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:94:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char ivec[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:96:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:96:68: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:98:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char ivec[16], cbc128_f cbc);
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:149:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const unsigned char iv[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:172:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef void (*ocb128_f) (const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:172:61: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef void (*ocb128_f) (const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:175:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char offset_i[16],
data/dlang-openssl-2.0.0+1.1.0h/C/modes.h:177:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char checksum[16]);
data/dlang-openssl-2.0.0+1.1.0h/C/pqueue.h:71:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char priority[8]; /* 64-bit value in big-endian encoding */
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:68:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:71:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:72:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char d[SEED_BLOCK_SIZE],
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:74:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:75:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char d[SEED_BLOCK_SIZE],
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:80:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:80:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:82:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char ivec[SEED_BLOCK_SIZE], int enc);
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:83:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:83:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:85:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char ivec[SEED_BLOCK_SIZE], int *num,
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:87:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:87:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/dlang-openssl-2.0.0+1.1.0h/C/seed.h:89:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char ivec[SEED_BLOCK_SIZE], int *num);
data/dlang-openssl-2.0.0+1.1.0h/C/sha.h:100:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char p[SHA512_CBLOCK];
data/dlang-openssl-2.0.0+1.1.0h/C/whrlpool.h:28:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
data/dlang-openssl-2.0.0+1.1.0h/C/whrlpool.h:32:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[WHIRLPOOL_BBLOCK / 8];
data/dlang-openssl-2.0.0+1.1.0h/C/bio.h:738:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int (*read) (BIO *, char *, int));

ANALYSIS SUMMARY:

Hits = 112
Lines analyzed = 30648 in approximately 0.87 seconds (35260 lines/second)
Physical Source Lines of Code (SLOC) = 20713
Hits@level = [0] 0 [1] 1 [2] 100 [3] 0 [4] 10 [5] 1
Hits@level+ = [0+] 112 [1+] 112 [2+] 111 [3+] 11 [4+] 11 [5+] 1
Hits/KSLOC@level+ = [0+] 5.40723 [1+] 5.40723 [2+] 5.35895 [3+] 0.531067 [4+] 0.531067 [5+] 0.0482789
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.