Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libtomcrypt-1.18.2/tests/no_prng.c
Examining data/libtomcrypt-1.18.2/tests/multi_test.c
Examining data/libtomcrypt-1.18.2/tests/common.h
Examining data/libtomcrypt-1.18.2/tests/dsa_test.c
Examining data/libtomcrypt-1.18.2/tests/pkcs_1_pss_test.c
Examining data/libtomcrypt-1.18.2/tests/mac_test.c
Examining data/libtomcrypt-1.18.2/tests/base64_test.c
Examining data/libtomcrypt-1.18.2/tests/cipher_hash_test.c
Examining data/libtomcrypt-1.18.2/tests/pkcs_1_emsa_test.c
Examining data/libtomcrypt-1.18.2/tests/tomcrypt_test.h
Examining data/libtomcrypt-1.18.2/tests/dh_test.c
Examining data/libtomcrypt-1.18.2/tests/rsa_test.c
Examining data/libtomcrypt-1.18.2/tests/ecc_test.c
Examining data/libtomcrypt-1.18.2/tests/test.c
Examining data/libtomcrypt-1.18.2/tests/pkcs_1_oaep_test.c
Examining data/libtomcrypt-1.18.2/tests/pkcs_1_eme_test.c
Examining data/libtomcrypt-1.18.2/tests/mpi_test.c
Examining data/libtomcrypt-1.18.2/tests/prng_test.c
Examining data/libtomcrypt-1.18.2/tests/modes_test.c
Examining data/libtomcrypt-1.18.2/tests/store_test.c
Examining data/libtomcrypt-1.18.2/tests/misc_test.c
Examining data/libtomcrypt-1.18.2/tests/der_test.c
Examining data/libtomcrypt-1.18.2/tests/pkcs_1_test.c
Examining data/libtomcrypt-1.18.2/tests/rotate_test.c
Examining data/libtomcrypt-1.18.2/tests/common.c
Examining data/libtomcrypt-1.18.2/tests/file_test.c
Examining data/libtomcrypt-1.18.2/tests/katja_test.c
Examining data/libtomcrypt-1.18.2/src/ciphers/noekeon.c
Examining data/libtomcrypt-1.18.2/src/ciphers/rc6.c
Examining data/libtomcrypt-1.18.2/src/ciphers/rc5.c
Examining data/libtomcrypt-1.18.2/src/ciphers/camellia.c
Examining data/libtomcrypt-1.18.2/src/ciphers/anubis.c
Examining data/libtomcrypt-1.18.2/src/ciphers/multi2.c
Examining data/libtomcrypt-1.18.2/src/ciphers/cast5.c
Examining data/libtomcrypt-1.18.2/src/ciphers/blowfish.c
Examining data/libtomcrypt-1.18.2/src/ciphers/kasumi.c
Examining data/libtomcrypt-1.18.2/src/ciphers/skipjack.c
Examining data/libtomcrypt-1.18.2/src/ciphers/aes/aes_tab.c
Examining data/libtomcrypt-1.18.2/src/ciphers/aes/aes.c
Examining data/libtomcrypt-1.18.2/src/ciphers/des.c
Examining data/libtomcrypt-1.18.2/src/ciphers/rc2.c
Examining data/libtomcrypt-1.18.2/src/ciphers/kseed.c
Examining data/libtomcrypt-1.18.2/src/ciphers/safer/safer.c
Examining data/libtomcrypt-1.18.2/src/ciphers/safer/saferp.c
Examining data/libtomcrypt-1.18.2/src/ciphers/safer/safer_tab.c
Examining data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish_tab.c
Examining data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish.c
Examining data/libtomcrypt-1.18.2/src/ciphers/khazad.c
Examining data/libtomcrypt-1.18.2/src/ciphers/xtea.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/set/der_encode_setof.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/set/der_encode_set.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/boolean/der_length_boolean.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/boolean/der_encode_boolean.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/boolean/der_decode_boolean.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/choice/der_decode_choice.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/object_identifier/der_decode_object_identifier.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/object_identifier/der_length_object_identifier.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/short_integer/der_encode_short_integer.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/short_integer/der_decode_short_integer.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/short_integer/der_length_short_integer.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/utctime/der_length_utctime.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/utctime/der_decode_utctime.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/utctime/der_encode_utctime.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/ia5/der_decode_ia5_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/ia5/der_length_ia5_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/ia5/der_encode_ia5_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/integer/der_encode_integer.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/integer/der_length_integer.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/integer/der_decode_integer.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/bit/der_encode_bit_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/bit/der_decode_bit_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/bit/der_encode_raw_bit_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/bit/der_decode_raw_bit_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/bit/der_length_bit_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/octet/der_encode_octet_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/octet/der_decode_octet_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/octet/der_length_octet_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/generalizedtime/der_length_generalizedtime.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/generalizedtime/der_encode_generalizedtime.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/utf8/der_length_utf8_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/utf8/der_encode_utf8_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/utf8/der_decode_utf8_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/teletex_string/der_length_teletex_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/teletex_string/der_decode_teletex_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/printable_string/der_decode_printable_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/printable_string/der_length_printable_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/printable_string/der_encode_printable_string.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_length_sequence.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_sequence_shrink.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_encode_subject_public_key_info.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_encode_sequence_ex.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_decode_sequence_ex.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_encode_sequence_multi.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_decode_sequence_multi.c
Examining data/libtomcrypt-1.18.2/src/pk/asn1/der/sequence/der_sequence_free.c
Examining data/libtomcrypt-1.18.2/src/pk/katja/katja_decrypt_key.c
Examining data/libtomcrypt-1.18.2/src/pk/katja/katja_exptmod.c
Examining data/libtomcrypt-1.18.2/src/pk/katja/katja_export.c
Examining data/libtomcrypt-1.18.2/src/pk/katja/katja_encrypt_key.c
Examining data/libtomcrypt-1.18.2/src/pk/katja/katja_import.c
Examining data/libtomcrypt-1.18.2/src/pk/katja/katja_free.c
Examining data/libtomcrypt-1.18.2/src/pk/katja/katja_make_key.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_set_pqg_dsaparam.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_make_key.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_decrypt_key.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_set.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_encrypt_key.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_generate_key.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_free.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_export.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_verify_hash.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_generate_pqg.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_verify_key.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_import.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_sign_hash.c
Examining data/libtomcrypt-1.18.2/src/pk/dsa/dsa_shared_secret.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_import_x509.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_sign_saltlen_get.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_import_pkcs8.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_free.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_exptmod.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_decrypt_key.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_export.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_make_key.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_set.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_import.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_encrypt_key.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_sign_hash.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_verify_hash.c
Examining data/libtomcrypt-1.18.2/src/pk/rsa/rsa_get_size.c
Examining data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_oaep_decode.c
Examining data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_v1_5_decode.c
Examining data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_pss_decode.c
Examining data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_oaep_encode.c
Examining data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_i2osp.c
Examining data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_os2ip.c
Examining data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_v1_5_encode.c
Examining data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_pss_encode.c
Examining data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_mgf1.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh_import.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh_check_pubkey.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh_export.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh_shared_secret.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh_free.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh_generate_key.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh_export_key.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh_set_pg_dhparam.c
Examining data/libtomcrypt-1.18.2/src/pk/dh/dh_set.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ltc_ecc_map.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ltc_ecc_mulmod.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ltc_ecc_points.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_get_size.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_sign_hash.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_test.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_export.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ltc_ecc_is_valid_idx.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ltc_ecc_mul2add.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ltc_ecc_projective_dbl_point.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_decrypt_key.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_make_key.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_sizes.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_import.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_encrypt_key.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_shared_secret.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_ansi_x963_import.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_ansi_x963_export.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_free.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ltc_ecc_mulmod_timing.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ecc_verify_hash.c
Examining data/libtomcrypt-1.18.2/src/pk/ecc/ltc_ecc_projective_add_point.c
Examining data/libtomcrypt-1.18.2/src/stream/sober128/sober128tab.c
Examining data/libtomcrypt-1.18.2/src/stream/sober128/sober128_test.c
Examining data/libtomcrypt-1.18.2/src/stream/sober128/sober128_stream.c
Examining data/libtomcrypt-1.18.2/src/stream/chacha/chacha_ivctr32.c
Examining data/libtomcrypt-1.18.2/src/stream/chacha/chacha_test.c
Examining data/libtomcrypt-1.18.2/src/stream/chacha/chacha_keystream.c
Examining data/libtomcrypt-1.18.2/src/stream/chacha/chacha_setup.c
Examining data/libtomcrypt-1.18.2/src/stream/chacha/chacha_done.c
Examining data/libtomcrypt-1.18.2/src/stream/chacha/chacha_ivctr64.c
Examining data/libtomcrypt-1.18.2/src/stream/chacha/chacha_crypt.c
Examining data/libtomcrypt-1.18.2/src/stream/rc4/rc4_test.c
Examining data/libtomcrypt-1.18.2/src/stream/rc4/rc4_stream.c
Examining data/libtomcrypt-1.18.2/src/mac/omac/omac_file.c
Examining data/libtomcrypt-1.18.2/src/mac/omac/omac_test.c
Examining data/libtomcrypt-1.18.2/src/mac/omac/omac_init.c
Examining data/libtomcrypt-1.18.2/src/mac/omac/omac_memory_multi.c
Examining data/libtomcrypt-1.18.2/src/mac/omac/omac_memory.c
Examining data/libtomcrypt-1.18.2/src/mac/omac/omac_done.c
Examining data/libtomcrypt-1.18.2/src/mac/omac/omac_process.c
Examining data/libtomcrypt-1.18.2/src/mac/pmac/pmac_init.c
Examining data/libtomcrypt-1.18.2/src/mac/pmac/pmac_file.c
Examining data/libtomcrypt-1.18.2/src/mac/pmac/pmac_done.c
Examining data/libtomcrypt-1.18.2/src/mac/pmac/pmac_shift_xor.c
Examining data/libtomcrypt-1.18.2/src/mac/pmac/pmac_memory_multi.c
Examining data/libtomcrypt-1.18.2/src/mac/pmac/pmac_ntz.c
Examining data/libtomcrypt-1.18.2/src/mac/pmac/pmac_process.c
Examining data/libtomcrypt-1.18.2/src/mac/pmac/pmac_test.c
Examining data/libtomcrypt-1.18.2/src/mac/pmac/pmac_memory.c
Examining data/libtomcrypt-1.18.2/src/mac/pelican/pelican_memory.c
Examining data/libtomcrypt-1.18.2/src/mac/pelican/pelican_test.c
Examining data/libtomcrypt-1.18.2/src/mac/pelican/pelican.c
Examining data/libtomcrypt-1.18.2/src/mac/hmac/hmac_memory.c
Examining data/libtomcrypt-1.18.2/src/mac/hmac/hmac_process.c
Examining data/libtomcrypt-1.18.2/src/mac/hmac/hmac_file.c
Examining data/libtomcrypt-1.18.2/src/mac/hmac/hmac_memory_multi.c
Examining data/libtomcrypt-1.18.2/src/mac/hmac/hmac_done.c
Examining data/libtomcrypt-1.18.2/src/mac/hmac/hmac_init.c
Examining data/libtomcrypt-1.18.2/src/mac/hmac/hmac_test.c
Examining data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_memory_multi.c
Examining data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_memory.c
Examining data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_done.c
Examining data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_file.c
Examining data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_test.c
Examining data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_init.c
Examining data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_process.c
Examining data/libtomcrypt-1.18.2/src/mac/f9/f9_init.c
Examining data/libtomcrypt-1.18.2/src/mac/f9/f9_test.c
Examining data/libtomcrypt-1.18.2/src/mac/f9/f9_process.c
Examining data/libtomcrypt-1.18.2/src/mac/f9/f9_file.c
Examining data/libtomcrypt-1.18.2/src/mac/f9/f9_done.c
Examining data/libtomcrypt-1.18.2/src/mac/f9/f9_memory_multi.c
Examining data/libtomcrypt-1.18.2/src/mac/f9/f9_memory.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2smac.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2smac_memory.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2bmac.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2smac_file.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2bmac_test.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2smac_memory_multi.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2bmac_memory_multi.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2bmac_memory.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2smac_test.c
Examining data/libtomcrypt-1.18.2/src/mac/blake2/blake2bmac_file.c
Examining data/libtomcrypt-1.18.2/src/mac/poly1305/poly1305_memory_multi.c
Examining data/libtomcrypt-1.18.2/src/mac/poly1305/poly1305_file.c
Examining data/libtomcrypt-1.18.2/src/mac/poly1305/poly1305.c
Examining data/libtomcrypt-1.18.2/src/mac/poly1305/poly1305_memory.c
Examining data/libtomcrypt-1.18.2/src/mac/poly1305/poly1305_test.c
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_custom.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_math.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_prng.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_pkcs.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_cfg.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_argchk.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_macros.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_misc.h
Examining data/libtomcrypt-1.18.2/src/headers/tomcrypt_pk.h
Examining data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_test.c
Examining data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_decrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_init.c
Examining data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_done.c
Examining data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.c
Examining data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_add_aad.c
Examining data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_encrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_setiv.c
Examining data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_memory.c
Examining data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_process.c
Examining data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_test.c
Examining data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_done.c
Examining data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_reset.c
Examining data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_memory.c
Examining data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_init.c
Examining data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_add_aad.c
Examining data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_add_nonce.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_done.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_init.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_decrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_test.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_encrypt_last.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_encrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_decrypt_verify_memory.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_add_aad.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_int_ntz.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_decrypt_last.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_int_xor_blocks.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_encrypt_authenticate_memory.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_reset.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_gf_mult.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_test.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_memory.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_done.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_process.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_mult_h.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_add_iv.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_init.c
Examining data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_add_aad.c
Examining data/libtomcrypt-1.18.2/src/encauth/eax/eax_decrypt_verify_memory.c
Examining data/libtomcrypt-1.18.2/src/encauth/eax/eax_encrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/eax/eax_addheader.c
Examining data/libtomcrypt-1.18.2/src/encauth/eax/eax_encrypt_authenticate_memory.c
Examining data/libtomcrypt-1.18.2/src/encauth/eax/eax_init.c
Examining data/libtomcrypt-1.18.2/src/encauth/eax/eax_decrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/eax/eax_test.c
Examining data/libtomcrypt-1.18.2/src/encauth/eax/eax_done.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_shift_xor.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_test.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_done_encrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_ntz.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_decrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/s_ocb_done.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_encrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_init.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_encrypt_authenticate_memory.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_done_decrypt.c
Examining data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_decrypt_verify_memory.c
Examining data/libtomcrypt-1.18.2/src/prngs/yarrow.c
Examining data/libtomcrypt-1.18.2/src/prngs/rng_get_bytes.c
Examining data/libtomcrypt-1.18.2/src/prngs/sober128.c
Examining data/libtomcrypt-1.18.2/src/prngs/rc4.c
Examining data/libtomcrypt-1.18.2/src/prngs/chacha20.c
Examining data/libtomcrypt-1.18.2/src/prngs/sprng.c
Examining data/libtomcrypt-1.18.2/src/prngs/fortuna.c
Examining data/libtomcrypt-1.18.2/src/prngs/rng_make_prng.c
Examining data/libtomcrypt-1.18.2/src/misc/adler32.c
Examining data/libtomcrypt-1.18.2/src/misc/compare_testvector.c
Examining data/libtomcrypt-1.18.2/src/misc/pkcs5/pkcs_5_test.c
Examining data/libtomcrypt-1.18.2/src/misc/pkcs5/pkcs_5_1.c
Examining data/libtomcrypt-1.18.2/src/misc/pkcs5/pkcs_5_2.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_unregister_cipher.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_find_hash_id.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_register_all_ciphers.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_find_cipher_id.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_prng_rng_descriptor.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_argchk.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_constants.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_find_cipher_any.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_find_hash.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_prng_descriptor.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_register_hash.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_register_all_hashes.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_cipher_descriptor.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_unregister_hash.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_find_hash_any.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_hash_is_valid.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_sizes.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_fsa.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_cipher_is_valid.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_find_cipher.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_unregister_prng.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_register_prng.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_hash_descriptor.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_inits.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_register_cipher.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_register_all_prngs.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_find_prng.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_find_hash_oid.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_ltc_mp_descriptor.c
Examining data/libtomcrypt-1.18.2/src/misc/crypt/crypt_prng_is_valid.c
Examining data/libtomcrypt-1.18.2/src/misc/base64/base64_decode.c
Examining data/libtomcrypt-1.18.2/src/misc/base64/base64_encode.c
Examining data/libtomcrypt-1.18.2/src/misc/burn_stack.c
Examining data/libtomcrypt-1.18.2/src/misc/pk_get_oid.c
Examining data/libtomcrypt-1.18.2/src/misc/hkdf/hkdf.c
Examining data/libtomcrypt-1.18.2/src/misc/hkdf/hkdf_test.c
Examining data/libtomcrypt-1.18.2/src/misc/crc32.c
Examining data/libtomcrypt-1.18.2/src/misc/zeromem.c
Examining data/libtomcrypt-1.18.2/src/misc/error_to_string.c
Examining data/libtomcrypt-1.18.2/src/misc/mem_neq.c
Examining data/libtomcrypt-1.18.2/src/math/rand_prime.c
Examining data/libtomcrypt-1.18.2/src/math/ltm_desc.c
Examining data/libtomcrypt-1.18.2/src/math/multi.c
Examining data/libtomcrypt-1.18.2/src/math/rand_bn.c
Examining data/libtomcrypt-1.18.2/src/math/gmp_desc.c
Examining data/libtomcrypt-1.18.2/src/math/tfm_desc.c
Examining data/libtomcrypt-1.18.2/src/math/radix_to_bin.c
Examining data/libtomcrypt-1.18.2/src/math/fp/ltc_ecc_fp_mulmod.c
Examining data/libtomcrypt-1.18.2/src/hashes/sha3.c
Examining data/libtomcrypt-1.18.2/src/hashes/rmd128.c
Examining data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_256.c
Examining data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_224.c
Examining data/libtomcrypt-1.18.2/src/hashes/sha2/sha256.c
Examining data/libtomcrypt-1.18.2/src/hashes/sha2/sha512.c
Examining data/libtomcrypt-1.18.2/src/hashes/sha2/sha224.c
Examining data/libtomcrypt-1.18.2/src/hashes/sha2/sha384.c
Examining data/libtomcrypt-1.18.2/src/hashes/rmd160.c
Examining data/libtomcrypt-1.18.2/src/hashes/helper/hash_filehandle.c
Examining data/libtomcrypt-1.18.2/src/hashes/helper/hash_file.c
Examining data/libtomcrypt-1.18.2/src/hashes/helper/hash_memory_multi.c
Examining data/libtomcrypt-1.18.2/src/hashes/helper/hash_memory.c
Examining data/libtomcrypt-1.18.2/src/hashes/chc/chc.c
Examining data/libtomcrypt-1.18.2/src/hashes/sha3_test.c
Examining data/libtomcrypt-1.18.2/src/hashes/whirl/whirltab.c
Examining data/libtomcrypt-1.18.2/src/hashes/whirl/whirl.c
Examining data/libtomcrypt-1.18.2/src/hashes/blake2b.c
Examining data/libtomcrypt-1.18.2/src/hashes/rmd256.c
Examining data/libtomcrypt-1.18.2/src/hashes/blake2s.c
Examining data/libtomcrypt-1.18.2/src/hashes/md5.c
Examining data/libtomcrypt-1.18.2/src/hashes/sha1.c
Examining data/libtomcrypt-1.18.2/src/hashes/md2.c
Examining data/libtomcrypt-1.18.2/src/hashes/md4.c
Examining data/libtomcrypt-1.18.2/src/hashes/rmd320.c
Examining data/libtomcrypt-1.18.2/src/hashes/tiger.c
Examining data/libtomcrypt-1.18.2/src/modes/xts/xts_init.c
Examining data/libtomcrypt-1.18.2/src/modes/xts/xts_test.c
Examining data/libtomcrypt-1.18.2/src/modes/xts/xts_encrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/xts/xts_mult_x.c
Examining data/libtomcrypt-1.18.2/src/modes/xts/xts_done.c
Examining data/libtomcrypt-1.18.2/src/modes/xts/xts_decrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/cfb/cfb_decrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/cfb/cfb_start.c
Examining data/libtomcrypt-1.18.2/src/modes/cfb/cfb_encrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/cfb/cfb_done.c
Examining data/libtomcrypt-1.18.2/src/modes/cfb/cfb_getiv.c
Examining data/libtomcrypt-1.18.2/src/modes/cfb/cfb_setiv.c
Examining data/libtomcrypt-1.18.2/src/modes/ctr/ctr_test.c
Examining data/libtomcrypt-1.18.2/src/modes/ctr/ctr_setiv.c
Examining data/libtomcrypt-1.18.2/src/modes/ctr/ctr_encrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/ctr/ctr_start.c
Examining data/libtomcrypt-1.18.2/src/modes/ctr/ctr_getiv.c
Examining data/libtomcrypt-1.18.2/src/modes/ctr/ctr_decrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/ctr/ctr_done.c
Examining data/libtomcrypt-1.18.2/src/modes/lrw/lrw_getiv.c
Examining data/libtomcrypt-1.18.2/src/modes/lrw/lrw_encrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/lrw/lrw_process.c
Examining data/libtomcrypt-1.18.2/src/modes/lrw/lrw_decrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/lrw/lrw_start.c
Examining data/libtomcrypt-1.18.2/src/modes/lrw/lrw_test.c
Examining data/libtomcrypt-1.18.2/src/modes/lrw/lrw_setiv.c
Examining data/libtomcrypt-1.18.2/src/modes/lrw/lrw_done.c
Examining data/libtomcrypt-1.18.2/src/modes/f8/f8_getiv.c
Examining data/libtomcrypt-1.18.2/src/modes/f8/f8_setiv.c
Examining data/libtomcrypt-1.18.2/src/modes/f8/f8_test_mode.c
Examining data/libtomcrypt-1.18.2/src/modes/f8/f8_start.c
Examining data/libtomcrypt-1.18.2/src/modes/f8/f8_encrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/f8/f8_done.c
Examining data/libtomcrypt-1.18.2/src/modes/f8/f8_decrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/ofb/ofb_start.c
Examining data/libtomcrypt-1.18.2/src/modes/ofb/ofb_done.c
Examining data/libtomcrypt-1.18.2/src/modes/ofb/ofb_encrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/ofb/ofb_setiv.c
Examining data/libtomcrypt-1.18.2/src/modes/ofb/ofb_getiv.c
Examining data/libtomcrypt-1.18.2/src/modes/ofb/ofb_decrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/cbc/cbc_getiv.c
Examining data/libtomcrypt-1.18.2/src/modes/cbc/cbc_setiv.c
Examining data/libtomcrypt-1.18.2/src/modes/cbc/cbc_decrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/cbc/cbc_encrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/cbc/cbc_start.c
Examining data/libtomcrypt-1.18.2/src/modes/cbc/cbc_done.c
Examining data/libtomcrypt-1.18.2/src/modes/ecb/ecb_done.c
Examining data/libtomcrypt-1.18.2/src/modes/ecb/ecb_encrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/ecb/ecb_decrypt.c
Examining data/libtomcrypt-1.18.2/src/modes/ecb/ecb_start.c
Examining data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c
Examining data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c
Examining data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c
Examining data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c
Examining data/libtomcrypt-1.18.2/notes/etc/whirlgen.c
Examining data/libtomcrypt-1.18.2/notes/etc/saferp_optimizer.c
Examining data/libtomcrypt-1.18.2/notes/etc/whirltest.c
Examining data/libtomcrypt-1.18.2/demos/small.c
Examining data/libtomcrypt-1.18.2/demos/constants.c
Examining data/libtomcrypt-1.18.2/demos/tv_gen.c
Examining data/libtomcrypt-1.18.2/demos/sizes.c
Examining data/libtomcrypt-1.18.2/demos/openssl-enc.c
Examining data/libtomcrypt-1.18.2/demos/timing.c
Examining data/libtomcrypt-1.18.2/demos/hashsum.c
Examining data/libtomcrypt-1.18.2/demos/ltcrypt.c
FINAL RESULTS:
data/libtomcrypt-1.18.2/src/headers/tomcrypt_macros.h:441:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libtomcrypt-1.18.2/src/headers/tomcrypt_macros.h:441:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libtomcrypt-1.18.2/tests/der_test.c:214:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define __ASN1_ERR(l) fprintf(stderr, __ASN1_FMTSTRING_FMT "\n", __ASN1_FMTSTRING_VAL(l)); \
data/libtomcrypt-1.18.2/tests/der_test.c:251:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf),__ASN1_FMTSTRING_FMT "\n", __ASN1_FMTSTRING_VAL(l));
data/libtomcrypt-1.18.2/demos/openssl-enc.c:58:34: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#error Cannot compile this demo; random generator required
data/libtomcrypt-1.18.2/tests/pkcs_1_test.c:35:4: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(LTC_TEST_RAND_SEED);
data/libtomcrypt-1.18.2/demos/hashsum.c:77:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char is_buffer[MAXBLOCKSIZE], should_buffer[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/demos/hashsum.c:78:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX + (MAXBLOCKSIZE * 3)];
data/libtomcrypt-1.18.2/demos/hashsum.c:82:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* f = fopen(argv[argn], "rb");
data/libtomcrypt-1.18.2/demos/hashsum.c:179:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash_buffer[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/demos/ltcrypt.c:36:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char plaintext[512],ciphertext[512];
data/libtomcrypt-1.18.2/demos/ltcrypt.c:37:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmpkey[512], key[MAXBLOCKSIZE], IV[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/demos/ltcrypt.c:38:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inbuf[512]; /* i/o block size */
data/libtomcrypt-1.18.2/demos/ltcrypt.c:90:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdin = fopen(infile,"rb");
data/libtomcrypt-1.18.2/demos/ltcrypt.c:96:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdout = fopen(outfile,"wb");
data/libtomcrypt-1.18.2/demos/openssl-enc.c:81:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unpad[1024];
data/libtomcrypt-1.18.2/demos/openssl-enc.c:82:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pad[1024+MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/demos/openssl-enc.c:141:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[SALT_LENGTH];
data/libtomcrypt-1.18.2/demos/openssl-enc.c:148:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, tmp, sizeof(tmp));
data/libtomcrypt-1.18.2/demos/openssl-enc.c:308:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char salt[SALT_LENGTH];
data/libtomcrypt-1.18.2/demos/openssl-enc.c:313:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keyiv[KEY_LENGTH + IV_LENGTH];
data/libtomcrypt-1.18.2/demos/openssl-enc.c:330:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infd = fopen(argv[2], "rb");
data/libtomcrypt-1.18.2/demos/openssl-enc.c:333:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfd = fopen(argv[3], "wb");
data/libtomcrypt-1.18.2/demos/timing.c:151:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/demos/timing.c:184:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE] = { 0 }, pt[4096] = { 0 };
data/libtomcrypt-1.18.2/demos/timing.c:257:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE] = { 0 }, pt[4096] = { 0 };
data/libtomcrypt-1.18.2/demos/timing.c:330:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE] = { 0 }, pt[4096] = { 0 };
data/libtomcrypt-1.18.2/demos/timing.c:403:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE] = { 0 }, pt[4096] = { 0 };
data/libtomcrypt-1.18.2/demos/timing.c:479:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pt[MAXBLOCKSIZE] = { 0 };
data/libtomcrypt-1.18.2/demos/timing.c:599:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4096];
data/libtomcrypt-1.18.2/demos/timing.c:709:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][2048] = { 0 };
data/libtomcrypt-1.18.2/demos/timing.c:833:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][4096];
data/libtomcrypt-1.18.2/demos/timing.c:945:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][256] = { 0 };
data/libtomcrypt-1.18.2/demos/timing.c:1091:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *buf, key[16], tag[16];
data/libtomcrypt-1.18.2/demos/timing.c:1228:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *buf, IV[16], key[16], tag[16];
data/libtomcrypt-1.18.2/demos/tv_gen.c:13:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md[MAXBLOCKSIZE], *buf;
data/libtomcrypt-1.18.2/demos/tv_gen.c:18:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("hash_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:54:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *key, pt[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/demos/tv_gen.c:60:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("cipher_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:129:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE], output[MAXBLOCKSIZE], *input;
data/libtomcrypt-1.18.2/demos/tv_gen.c:134:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("hmac_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:171:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, output, hash_descriptor[x].hashsize);
data/libtomcrypt-1.18.2/demos/tv_gen.c:182:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE], output[MAXBLOCKSIZE], input[MAXBLOCKSIZE*2+2];
data/libtomcrypt-1.18.2/demos/tv_gen.c:187:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("omac_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:239:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE], output[MAXBLOCKSIZE], input[MAXBLOCKSIZE*2+2];
data/libtomcrypt-1.18.2/demos/tv_gen.c:244:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("pmac_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:298:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE], nonce[MAXBLOCKSIZE*2], header[MAXBLOCKSIZE*2],
data/libtomcrypt-1.18.2/demos/tv_gen.c:302:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("eax_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:360:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE], nonce[MAXBLOCKSIZE*2],
data/libtomcrypt-1.18.2/demos/tv_gen.c:364:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("ocb_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:425:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE], nonce[MAXBLOCKSIZE*2],
data/libtomcrypt-1.18.2/demos/tv_gen.c:429:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("ocb3_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:491:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE], nonce[MAXBLOCKSIZE*2],
data/libtomcrypt-1.18.2/demos/tv_gen.c:495:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("ccm_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:560:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE], plaintext[MAXBLOCKSIZE*2], tag[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/demos/tv_gen.c:563:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("gcm_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:621:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dst[256], src[32], ch;
data/libtomcrypt-1.18.2/demos/tv_gen.c:624:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("base64_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:644:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char str[512];
data/libtomcrypt-1.18.2/demos/tv_gen.c:649:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("ecc_tv.txt", "w");
data/libtomcrypt-1.18.2/demos/tv_gen.c:661:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mp_read_radix(order, (char *)ltc_ecc_sets[x].order, 16);
data/libtomcrypt-1.18.2/demos/tv_gen.c:662:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mp_read_radix(modulus, (char *)ltc_ecc_sets[x].prime, 16);
data/libtomcrypt-1.18.2/demos/tv_gen.c:663:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mp_read_radix(G->x, (char *)ltc_ecc_sets[x].Gx, 16);
data/libtomcrypt-1.18.2/demos/tv_gen.c:664:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
mp_read_radix(G->y, (char *)ltc_ecc_sets[x].Gy, 16);
data/libtomcrypt-1.18.2/demos/tv_gen.c:685:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tweak[16], key[16], iv[16], buf[1024];
data/libtomcrypt-1.18.2/demos/tv_gen.c:694:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("lrw_tv.txt", "w");
data/libtomcrypt-1.18.2/notes/etc/whirltest.c:5:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:8:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char n[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:10:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char e[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:12:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char d[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:14:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char p[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:16:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char q[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:18:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dP[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:20:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dQ[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:22:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char qInv[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:28:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o1[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:30:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o2[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/oaep-vect.c:32:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o3[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:8:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char n[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:10:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char e[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:12:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char d[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:14:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char p[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:16:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char q[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:18:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dP[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:20:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dQ[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:22:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char qInv[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:28:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o1[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:30:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o2[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15crypt-vectors.c:32:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o3[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:8:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char n[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:10:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char e[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:12:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char d[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:14:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char p[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:16:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char q[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:18:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dP[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:20:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dQ[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:22:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char qInv[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:28:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o1[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pkcs1v15sign-vectors.c:30:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o2[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:8:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char n[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:10:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char e[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:12:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char d[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:14:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char p[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:16:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char q[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:18:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dP[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:20:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dQ[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:22:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char qInv[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:28:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o1[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:30:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o2[256];
data/libtomcrypt-1.18.2/notes/rsa-testvectors/pss-vect.c:32:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char o3[256];
data/libtomcrypt-1.18.2/src/ciphers/aes/aes.c:645:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[32], pt[16], ct[16];
data/libtomcrypt-1.18.2/src/ciphers/aes/aes.c:677:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][16];
data/libtomcrypt-1.18.2/src/ciphers/anubis.c:1037:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void anubis_crypt(const unsigned char *plaintext, unsigned char *ciphertext,
data/libtomcrypt-1.18.2/src/ciphers/anubis.c:1037:67: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void anubis_crypt(const unsigned char *plaintext, unsigned char *ciphertext,
data/libtomcrypt-1.18.2/src/ciphers/anubis.c:1173:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pt[16], ct[16], key[40];
data/libtomcrypt-1.18.2/src/ciphers/anubis.c:1494:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][16];
data/libtomcrypt-1.18.2/src/ciphers/blowfish.c:310:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char B[8];
data/libtomcrypt-1.18.2/src/ciphers/blowfish.c:517:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[8], pt[8], ct[8];
data/libtomcrypt-1.18.2/src/ciphers/blowfish.c:535:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][8];
data/libtomcrypt-1.18.2/src/ciphers/camellia.c:210:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char T[48], kA[16], kB[16], kR[16], kL[16];
data/libtomcrypt-1.18.2/src/ciphers/camellia.c:632:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[32], pt[16], ct[16];
data/libtomcrypt-1.18.2/src/ciphers/camellia.c:681:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][16];
data/libtomcrypt-1.18.2/src/ciphers/cast5.c:413:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[16];
data/libtomcrypt-1.18.2/src/ciphers/cast5.c:647:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16];
data/libtomcrypt-1.18.2/src/ciphers/cast5.c:648:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pt[8];
data/libtomcrypt-1.18.2/src/ciphers/cast5.c:649:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ct[8];
data/libtomcrypt-1.18.2/src/ciphers/cast5.c:669:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][8];
data/libtomcrypt-1.18.2/src/ciphers/des.c:66:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pc1[56] = {
data/libtomcrypt-1.18.2/src/ciphers/des.c:73:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char totrot[16] = {
data/libtomcrypt-1.18.2/src/ciphers/des.c:80:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pc2[48] = {
data/libtomcrypt-1.18.2/src/ciphers/des.c:1308:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pc1m[56], pcr[56];
data/libtomcrypt-1.18.2/src/ciphers/des.c:1689:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[8], txt[8], out[8];
data/libtomcrypt-1.18.2/src/ciphers/des.c:1966:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[8];
data/libtomcrypt-1.18.2/src/ciphers/des.c:2000:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[24], pt[8], ct[8], tmp[8];
data/libtomcrypt-1.18.2/src/ciphers/kasumi.c:257:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16], pt[8], ct[8];
data/libtomcrypt-1.18.2/src/ciphers/kasumi.c:291:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][8];
data/libtomcrypt-1.18.2/src/ciphers/khazad.c:779:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pt[8], ct[8], key[16];
data/libtomcrypt-1.18.2/src/ciphers/khazad.c:804:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][8];
data/libtomcrypt-1.18.2/src/ciphers/kseed.c:312:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pt[16], ct[16], key[16];
data/libtomcrypt-1.18.2/src/ciphers/kseed.c:340:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][16];
data/libtomcrypt-1.18.2/src/ciphers/multi2.c:193:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[40];
data/libtomcrypt-1.18.2/src/ciphers/multi2.c:194:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pt[8], ct[8];
data/libtomcrypt-1.18.2/src/ciphers/multi2.c:247:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/libtomcrypt-1.18.2/src/ciphers/multi2.c:272:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ct[8];
data/libtomcrypt-1.18.2/src/ciphers/noekeon.c:221:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16], pt[16], ct[16];
data/libtomcrypt-1.18.2/src/ciphers/noekeon.c:273:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][16];
data/libtomcrypt-1.18.2/src/ciphers/rc2.c:41:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char permute[256] = {
data/libtomcrypt-1.18.2/src/ciphers/rc2.c:72:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[128];
data/libtomcrypt-1.18.2/src/ciphers/rc2.c:305:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16], pt[8], ct[8];
data/libtomcrypt-1.18.2/src/ciphers/rc2.c:353:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][8];
data/libtomcrypt-1.18.2/src/ciphers/rc5.c:240:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16], pt[8], ct[8];
data/libtomcrypt-1.18.2/src/ciphers/rc5.c:261:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][8];
data/libtomcrypt-1.18.2/src/ciphers/rc6.c:235:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[32], pt[16], ct[16];
data/libtomcrypt-1.18.2/src/ciphers/rc6.c:271:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][16];
data/libtomcrypt-1.18.2/src/ciphers/safer/safer.c:113:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ka[LTC_SAFER_BLOCK_LEN + 1];
data/libtomcrypt-1.18.2/src/ciphers/safer/safer.c:114:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char kb[LTC_SAFER_BLOCK_LEN + 1];
data/libtomcrypt-1.18.2/src/ciphers/safer/safer.c:388:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][8];
data/libtomcrypt-1.18.2/src/ciphers/safer/safer.c:418:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][8];
data/libtomcrypt-1.18.2/src/ciphers/safer/safer.c:463:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][8];
data/libtomcrypt-1.18.2/src/ciphers/safer/safer_tab.c:19:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char safer_ebox[256] = {
data/libtomcrypt-1.18.2/src/ciphers/safer/safer_tab.c:39:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char safer_lbox[256] = {
data/libtomcrypt-1.18.2/src/ciphers/safer/saferp.c:181:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char safer_bias[33][16] = {
data/libtomcrypt-1.18.2/src/ciphers/safer/saferp.c:226:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char t[33];
data/libtomcrypt-1.18.2/src/ciphers/safer/saferp.c:343:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char b[16];
data/libtomcrypt-1.18.2/src/ciphers/safer/saferp.c:407:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char b[16];
data/libtomcrypt-1.18.2/src/ciphers/safer/saferp.c:473:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[32], pt[16], ct[16];
data/libtomcrypt-1.18.2/src/ciphers/safer/saferp.c:505:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][16];
data/libtomcrypt-1.18.2/src/ciphers/skipjack.c:32:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char sbox[256] = {
data/libtomcrypt-1.18.2/src/ciphers/skipjack.c:276:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[10], pt[8], ct[8];
data/libtomcrypt-1.18.2/src/ciphers/skipjack.c:284:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][8];
data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish.c:44:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char RS[4][8] = {
data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish.c:53:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qord[4][5] = {
data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish.c:71:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char qbox[2][4][16] = {
data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish.c:243:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char y[4];
data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish.c:346:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char S[4*4], tmpx0, tmpx1;
data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish.c:349:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[4], tmp2[4], M[8*4];
data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish.c:618:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[32], pt[16], ct[16];
data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish.c:651:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][16];
data/libtomcrypt-1.18.2/src/ciphers/twofish/twofish_tab.c:18:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char SBOX[2][256] = {
data/libtomcrypt-1.18.2/src/ciphers/xtea.c:149:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16], pt[8], ct[8];
data/libtomcrypt-1.18.2/src/ciphers/xtea.c:203:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2][8];
data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_memory.c:49:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PAD[16], ctr[16], CTRPAD[16], ptTag[16], b, *pt_real;
data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_test.c:24:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16];
data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_test.c:25:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce[16];
data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_test.c:27:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[64];
data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_test.c:29:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pt[64];
data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_test.c:31:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ct[64];
data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_test.c:32:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tag[16];
data/libtomcrypt-1.18.2/src/encauth/ccm/ccm_test.c:115:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64], buf2[64], tag[16], tag2[16], tag3[16], zero[64];
data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_decrypt.c:24:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char padzero[16] = { 0 };
data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_done.c:23:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char padzero[16] = { 0 };
data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_done.c:25:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[16];
data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_encrypt.c:24:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char padzero[16] = { 0 };
data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_setiv.c:25:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char polykey[32];
data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_setiv_rfc7905.c:25:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char combined_iv[12] = { 0 };
data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_test.c:39:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ct[1000], pt[1000], emac[16], dmac[16];
data/libtomcrypt-1.18.2/src/encauth/eax/eax_test.c:33:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MAXBLOCKSIZE],
data/libtomcrypt-1.18.2/src/encauth/eax/eax_test.c:216:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char outct[MAXBLOCKSIZE], outtag[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_gf_mult.c:20:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char gcm_shift_table[256*2] = {
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_gf_mult.c:83:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Z[16], V[16];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_gf_mult.c:119:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pTmp[32];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_init.c:30:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char B[16];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_mult_h.c:24:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char T[16];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_test.c:28:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char K[32];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_test.c:30:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char P[128];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_test.c:32:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char A[128];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_test.c:34:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char IV[128];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_test.c:36:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char C[128];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_test.c:37:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char T[16];
data/libtomcrypt-1.18.2/src/encauth/gcm/gcm_test.c:327:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[2][128], T[2][16];
data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_decrypt.c:27:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Z[MAXBLOCKSIZE], tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_encrypt.c:27:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Z[MAXBLOCKSIZE], tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_init.c:20:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char poly_div[MAXBLOCKSIZE],
data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_test.c:29:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16], nonce[16], pt[34], ct[34], tag[16];
data/libtomcrypt-1.18.2/src/encauth/ocb/ocb_test.c:167:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char outct[MAXBLOCKSIZE], outtag[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_add_aad.c:26:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_decrypt.c:28:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_decrypt_last.c:28:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iOffset_star[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_decrypt_last.c:29:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iPad[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_done.c:27:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_encrypt.c:28:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_encrypt_last.c:28:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iOffset_star[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_encrypt_last.c:29:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iPad[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_init.c:22:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iNonce[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_init.c:23:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iKtop[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_init.c:24:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iStretch[MAXBLOCKSIZE+8];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_init.c:65:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char poly_mul[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_test.c:28:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_test.c:29:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce[12] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B };
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_test.c:33:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pt[64], aad[64], ct[64], tag[16];
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_test.c:207:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char outct[MAXBLOCKSIZE] = { 0 };
data/libtomcrypt-1.18.2/src/encauth/ocb3/ocb3_test.c:208:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char outtag[MAXBLOCKSIZE] = { 0 };
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:140:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char blake2b_sigma[12][16] =
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:204:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char P[BLAKE2B_PARAM_SIZE];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:226:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char block[BLAKE2B_BLOCKBYTES];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:365:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BLAKE2B_OUTBYTES] = { 0 };
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:403:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[64];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:428:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[64];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:433:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:454:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[48];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:475:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[48];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:480:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:501:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[32];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:528:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[32];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:533:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:554:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[20];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:569:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[20];
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:574:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:135:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char blake2s_sigma[10][16] = {
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:198:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char P[BLAKE2S_PARAM_SIZE];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:220:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char block[BLAKE2S_BLOCKBYTES];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:353:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BLAKE2S_OUTBYTES] = { 0 };
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:391:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[32];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:418:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[32];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:423:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:445:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[28];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:462:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[28];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:467:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:489:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[20];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:504:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[20];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:509:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:531:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[16];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:544:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[16];
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:549:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/chc/chc.c:88:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/hashes/chc/chc.c:132:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char T[2][MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/hashes/chc/chc.c:262:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *msg,
data/libtomcrypt-1.18.2/src/hashes/chc/chc.c:274:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/hashes/chc/chc.c:288:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
chc_process(&md, tests[i].msg, strlen((char *)tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/helper/hash_file.c:36:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(fname, "rb");
data/libtomcrypt-1.18.2/src/hashes/md2.c:36:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char PI_SUBST[256] = {
data/libtomcrypt-1.18.2/src/hashes/md2.c:195:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[16];
data/libtomcrypt-1.18.2/src/hashes/md2.c:230:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[16];
data/libtomcrypt-1.18.2/src/hashes/md4.c:258:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[16];
data/libtomcrypt-1.18.2/src/hashes/md4.c:284:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[16];
data/libtomcrypt-1.18.2/src/hashes/md4.c:289:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)strlen(tests[i].input));
data/libtomcrypt-1.18.2/src/hashes/md5.c:56:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char Worder[64] = {
data/libtomcrypt-1.18.2/src/hashes/md5.c:63:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char Rorder[64] = {
data/libtomcrypt-1.18.2/src/hashes/md5.c:318:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[16];
data/libtomcrypt-1.18.2/src/hashes/md5.c:345:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[16];
data/libtomcrypt-1.18.2/src/hashes/md5.c:350:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/rmd128.c:357:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[16];
data/libtomcrypt-1.18.2/src/hashes/rmd128.c:386:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[16];
data/libtomcrypt-1.18.2/src/hashes/rmd128.c:391:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rmd128_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/rmd160.c:416:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[20];
data/libtomcrypt-1.18.2/src/hashes/rmd160.c:445:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[20];
data/libtomcrypt-1.18.2/src/hashes/rmd160.c:450:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rmd160_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/rmd256.c:370:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[32];
data/libtomcrypt-1.18.2/src/hashes/rmd256.c:411:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[32];
data/libtomcrypt-1.18.2/src/hashes/rmd256.c:416:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rmd256_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/rmd320.c:435:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[40];
data/libtomcrypt-1.18.2/src/hashes/rmd320.c:476:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[40];
data/libtomcrypt-1.18.2/src/hashes/rmd320.c:481:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
rmd320_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/sha1.c:250:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[20];
data/libtomcrypt-1.18.2/src/hashes/sha1.c:265:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[20];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha224.c:67:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[32];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha224.c:92:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[28];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha224.c:109:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[28];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha256.c:296:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[32];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha256.c:313:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[32];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha384.c:66:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha384.c:94:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[48];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha384.c:115:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[48];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512.c:266:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[64];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512.c:291:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[64];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512.c:296:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_224.c:66:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_224.c:94:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[28];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_224.c:111:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[28];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_256.c:66:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_256.c:94:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[32];
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_256.c:111:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[32];
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:21:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[200], hash[224 / 8];
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:26:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sha3_224_empty[224 / 8] = {
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:33:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sha3_224_0xa3_200_times[224 / 8] = {
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:78:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[200], hash[256 / 8];
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:83:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sha3_256_empty[256 / 8] = {
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:89:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sha3_256_0xa3_200_times[256 / 8] = {
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:172:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[200], hash[384 / 8];
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:177:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sha3_384_0xa3_200_times[384 / 8] = {
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:225:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[200], hash[512 / 8];
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:230:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sha3_512_0xa3_200_times[512 / 8] = {
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:280:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[200], hash[512];
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:286:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char shake256_empty[32] = {
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:292:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char shake256_0xa3_200_times[32] = {
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:298:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char shake128_empty[32] = {
data/libtomcrypt-1.18.2/src/hashes/sha3_test.c:304:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char shake128_0xa3_200_times[32] = {
data/libtomcrypt-1.18.2/src/hashes/tiger.c:739:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[24];
data/libtomcrypt-1.18.2/src/hashes/tiger.c:769:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[24];
data/libtomcrypt-1.18.2/src/hashes/tiger.c:774:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/whirl/whirl.c:208:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[128], hash[64];
data/libtomcrypt-1.18.2/src/hashes/whirl/whirl.c:285:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[64];
data/libtomcrypt-1.18.2/src/hashes/whirl/whirl.c:290:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
whirlpool_process(&md, (unsigned char *)tests[i].msg, tests[i].len);
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:37:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char K[33][16];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:77:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char S[32], start;
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:90:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char safer_block_t[LTC_SAFER_BLOCK_LEN];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:91:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char safer_key_t[LTC_SAFER_KEY_LEN];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:123:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[10];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:241:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char IV[MAXBLOCKSIZE],
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:259:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char IV[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:273:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char IV[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:295:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ctr[MAXBLOCKSIZE],
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:311:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char IV[16],
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:324:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PC[16][256][16];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:339:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char IV[MAXBLOCKSIZE],
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:956:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char kstream[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_cipher.h:976:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_custom.h:31:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define XMEMCPY memcpy
data/libtomcrypt-1.18.2/src/headers/tomcrypt_custom.h:58:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
defined(memset) || defined(memcpy) || defined(memcmp) || defined(strcmp) || \
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:15:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sb[25 * 8]; /* used for storing `ulong64 s[25]` as little-endian bytes */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:27:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[128];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:35:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:43:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:51:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:59:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:67:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:73:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chksum[16], X[48], buf[16];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:81:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:89:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:97:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:105:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:113:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:121:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char state[MAXBLOCKSIZE], buf[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:131:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:143:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[128];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_hash.h:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:41:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char block[MAXBLOCKSIZE],
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:68:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Ls[32][MAXBLOCKSIZE], /* L shifted by i bits to the left */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:114:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[16];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:156:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char N[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:192:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char L[MAXBLOCKSIZE], /* L value */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:248:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Offset_0[MAXBLOCKSIZE], /* Offset_0 value */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:257:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aSum_current[MAXBLOCKSIZE], /* AAD related helper variable */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:327:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PAD[16],
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:387:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char H[16], /* multiplier */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:402:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PC[16][256][16] /* 16 tables of 8x128 */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:448:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char state[16];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:469:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char K[3][MAXBLOCKSIZE],
data/libtomcrypt-1.18.2/src/headers/tomcrypt_mac.h:501:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char akey[MAXBLOCKSIZE],
data/libtomcrypt-1.18.2/src/headers/tomcrypt_prng.h:14:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pool[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/headers/tomcrypt_prng.h:28:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ent[40]; /* entropy buffer */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_prng.h:39:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char K[32], /* the current key */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_prng.h:53:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ent[40]; /* entropy buffer */
data/libtomcrypt-1.18.2/src/headers/tomcrypt_prng.h:60:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1];
data/libtomcrypt-1.18.2/src/mac/blake2/blake2bmac_file.c:52:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(fname, "rb");
data/libtomcrypt-1.18.2/src/mac/blake2/blake2bmac_test.c:19:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tests[256][64] = {
data/libtomcrypt-1.18.2/src/mac/blake2/blake2bmac_test.c:278:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inp[1000], out[1000];
data/libtomcrypt-1.18.2/src/mac/blake2/blake2smac_file.c:52:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(fname, "rb");
data/libtomcrypt-1.18.2/src/mac/blake2/blake2smac_test.c:19:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char tests[256][32] = {
data/libtomcrypt-1.18.2/src/mac/blake2/blake2smac_test.c:278:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inp[1000], out[1000];
data/libtomcrypt-1.18.2/src/mac/f9/f9_file.c:61:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(fname, "rb");
data/libtomcrypt-1.18.2/src/mac/f9/f9_test.c:28:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char K[16], M[128], T[4];
data/libtomcrypt-1.18.2/src/mac/f9/f9_test.c:48:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char T[16];
data/libtomcrypt-1.18.2/src/mac/hmac/hmac_file.c:64:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(fname, "rb");
data/libtomcrypt-1.18.2/src/mac/hmac/hmac_test.c:58:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/mac/hmac/hmac_test.c:151:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/mac/omac/omac_file.c:61:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(filename, "rb");
data/libtomcrypt-1.18.2/src/mac/omac/omac_test.c:29:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16], msg[64], tag[16];
data/libtomcrypt-1.18.2/src/mac/omac/omac_test.c:73:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[16];
data/libtomcrypt-1.18.2/src/mac/pelican/pelican_test.c:24:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char K[32], MSG[64], T[16];
data/libtomcrypt-1.18.2/src/mac/pelican/pelican_test.c:86:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[16];
data/libtomcrypt-1.18.2/src/mac/pmac/pmac_file.c:62:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(filename, "rb");
data/libtomcrypt-1.18.2/src/mac/pmac/pmac_init.c:20:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char poly_div[MAXBLOCKSIZE],
data/libtomcrypt-1.18.2/src/mac/pmac/pmac_process.c:30:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Z[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/mac/pmac/pmac_test.c:30:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16], msg[34], tag[16];
data/libtomcrypt-1.18.2/src/mac/pmac/pmac_test.c:124:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char outtag[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/mac/poly1305/poly1305_file.c:57:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(fname, "rb");
data/libtomcrypt-1.18.2/src/mac/poly1305/poly1305_test.c:29:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[1000];
data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_file.c:61:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(filename, "rb");
data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_test.c:28:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char K[16], M[34], T[16];
data/libtomcrypt-1.18.2/src/mac/xcbc/xcbc_test.c:96:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char T[16];
data/libtomcrypt-1.18.2/src/math/fp/ltc_ecc_fp_mulmod.c:780:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char kb[128];
data/libtomcrypt-1.18.2/src/math/fp/ltc_ecc_fp_mulmod.c:905:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char kb[2][128];
data/libtomcrypt-1.18.2/src/misc/adler32.c:116:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[4];
data/libtomcrypt-1.18.2/src/misc/base64/base64_decode.c:21:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char map_base64[256] = {
data/libtomcrypt-1.18.2/src/misc/burn_stack.c:22:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[32];
data/libtomcrypt-1.18.2/src/misc/crc32.c:187:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[4];
data/libtomcrypt-1.18.2/src/misc/hkdf/hkdf_test.c:38:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char OKM[82];
data/libtomcrypt-1.18.2/src/misc/hkdf/hkdf_test.c:44:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char IKM[80];
data/libtomcrypt-1.18.2/src/misc/hkdf/hkdf_test.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char salt[80];
data/libtomcrypt-1.18.2/src/misc/hkdf/hkdf_test.c:48:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char info[80];
data/libtomcrypt-1.18.2/src/misc/hkdf/hkdf_test.c:50:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PRK[32];
data/libtomcrypt-1.18.2/src/misc/hkdf/hkdf_test.c:52:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char OKM[82];
data/libtomcrypt-1.18.2/src/misc/pkcs5/pkcs_5_2.c:37:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *buf[2];
data/libtomcrypt-1.18.2/src/misc/pkcs5/pkcs_5_test.c:44:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char DK[40];
data/libtomcrypt-1.18.2/src/misc/pkcs5/pkcs_5_test.c:157:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char DK[40];
data/libtomcrypt-1.18.2/src/modes/cbc/cbc_decrypt.c:30:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[16];
data/libtomcrypt-1.18.2/src/modes/ctr/ctr_test.c:25:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[32], IV[16], pt[64], ct[64];
data/libtomcrypt-1.18.2/src/modes/ctr/ctr_test.c:50:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/modes/f8/f8_encrypt.c:29:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/modes/f8/f8_start.c:37:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tkey[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/modes/f8/f8_test_mode.c:24:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char key[16] = { 0x23, 0x48, 0x29, 0x00, 0x84, 0x67, 0xbe, 0x18,
data/libtomcrypt-1.18.2/src/modes/f8/f8_test_mode.c:26:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char salt[4] = { 0x32, 0xf2, 0x87, 0x0d };
data/libtomcrypt-1.18.2/src/modes/f8/f8_test_mode.c:27:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char IV[16] = { 0x00, 0x6e, 0x5c, 0xba, 0x50, 0x68, 0x1d, 0xe5,
data/libtomcrypt-1.18.2/src/modes/f8/f8_test_mode.c:29:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char pt[39] = { 0x70, 0x73, 0x65, 0x75, 0x64, 0x6f, 0x72, 0x61,
data/libtomcrypt-1.18.2/src/modes/f8/f8_test_mode.c:34:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ct[39] = { 0x01, 0x9c, 0xe7, 0xa2, 0x6e, 0x78, 0x54, 0x01,
data/libtomcrypt-1.18.2/src/modes/f8/f8_test_mode.c:39:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[39];
data/libtomcrypt-1.18.2/src/modes/lrw/lrw_process.c:29:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char prod[16];
data/libtomcrypt-1.18.2/src/modes/lrw/lrw_setiv.c:29:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char T[16];
data/libtomcrypt-1.18.2/src/modes/lrw/lrw_start.c:38:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char B[16];
data/libtomcrypt-1.18.2/src/modes/lrw/lrw_test.c:28:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16], tweak[16], IV[16], P[16], expected_tweak[16], C[16];
data/libtomcrypt-1.18.2/src/modes/lrw/lrw_test.c:72:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][16];
data/libtomcrypt-1.18.2/src/modes/xts/xts_decrypt.c:62:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PP[16], CC[16], T[16];
data/libtomcrypt-1.18.2/src/modes/xts/xts_encrypt.c:64:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PP[16], CC[16], T[16];
data/libtomcrypt-1.18.2/src/modes/xts/xts_test.c:82:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key1[32];
data/libtomcrypt-1.18.2/src/modes/xts/xts_test.c:83:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key2[32];
data/libtomcrypt-1.18.2/src/modes/xts/xts_test.c:86:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PTX[512], CTX[512];
data/libtomcrypt-1.18.2/src/modes/xts/xts_test.c:201:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char OUT[512], Torg[16], T[16];
data/libtomcrypt-1.18.2/src/pk/asn1/der/generalizedtime/der_decode_generalizedtime.c:58:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[32];
data/libtomcrypt-1.18.2/src/pk/asn1/der/utctime/der_decode_utctime.c:50:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[32] = { 0 }; /* initialize as all zeroes */
data/libtomcrypt-1.18.2/src/pk/dh/dh_export.c:24:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flags[1];
data/libtomcrypt-1.18.2/src/pk/dh/dh_import.c:23:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flags[1];
data/libtomcrypt-1.18.2/src/pk/dsa/dsa_export.c:59:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flags[1];
data/libtomcrypt-1.18.2/src/pk/dsa/dsa_export.c:98:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flags[1];
data/libtomcrypt-1.18.2/src/pk/dsa/dsa_generate_pqg.c:33:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *wbuf, *sbuf, digest[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/pk/dsa/dsa_import.c:30:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flags[1];
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_ansi_x963_export.c:32:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[ECC_BUF_SIZE];
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_export.c:35:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flags[1];
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_import.c:95:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flags[1];
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_sign_hash.c:27:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ch, buf[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_test.c:51:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((err = mp_read_radix(modulus, (char *)ltc_ecc_sets[i].prime, 16)) != CRYPT_OK) { goto done; }
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_test.c:52:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((err = mp_read_radix(order, (char *)ltc_ecc_sets[i].order, 16)) != CRYPT_OK) { goto done; }
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_test.c:68:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((err = mp_read_radix(G->x, (char *)ltc_ecc_sets[i].Gx, 16)) != CRYPT_OK) { goto done; }
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_test.c:69:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((err = mp_read_radix(G->y, (char *)ltc_ecc_sets[i].Gy, 16)) != CRYPT_OK) { goto done; }
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_verify_hash.c:28:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ch, buf[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/prngs/chacha20.c:56:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[40];
data/libtomcrypt-1.18.2/src/prngs/chacha20.c:209:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dmp[300];
data/libtomcrypt-1.18.2/src/prngs/chacha20.c:211:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[500];
data/libtomcrypt-1.18.2/src/prngs/fortuna.c:67:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/prngs/fortuna.c:138:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/prngs/fortuna.c:175:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/src/prngs/fortuna.c:216:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2];
data/libtomcrypt-1.18.2/src/prngs/fortuna.c:279:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[16];
data/libtomcrypt-1.18.2/src/prngs/fortuna.c:348:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[32];
data/libtomcrypt-1.18.2/src/prngs/rc4.c:58:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256];
data/libtomcrypt-1.18.2/src/prngs/rc4.c:94:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256] = { 0 };
data/libtomcrypt-1.18.2/src/prngs/rc4.c:212:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dmp[500];
data/libtomcrypt-1.18.2/src/prngs/rc4.c:214:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[1000];
data/libtomcrypt-1.18.2/src/prngs/rng_get_bytes.c:32:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/dev/urandom", "rb");
data/libtomcrypt-1.18.2/src/prngs/rng_get_bytes.c:35:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/dev/random", "rb");
data/libtomcrypt-1.18.2/src/prngs/rng_make_prng.c:28:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256];
data/libtomcrypt-1.18.2/src/prngs/sober128.c:58:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[40];
data/libtomcrypt-1.18.2/src/prngs/sober128.c:211:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dmp[300];
data/libtomcrypt-1.18.2/src/prngs/sober128.c:213:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[500];
data/libtomcrypt-1.18.2/src/prngs/sprng.c:141:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[1000];
data/libtomcrypt-1.18.2/src/stream/chacha/chacha_crypt.c:56:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/libtomcrypt-1.18.2/src/stream/chacha/chacha_test.c:25:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[1000];
data/libtomcrypt-1.18.2/src/stream/rc4/rc4_test.c:24:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[10];
data/libtomcrypt-1.18.2/src/stream/sober128/sober128_test.c:19:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16] = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6b, 0x65, 0x79,
data/libtomcrypt-1.18.2/src/stream/sober128/sober128_test.c:21:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[4] = { 0x00, 0x00, 0x00, 0x00 };
data/libtomcrypt-1.18.2/src/stream/sober128/sober128_test.c:22:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[20] = { 0x43, 0x50, 0x0c, 0xcf, 0x89, 0x91, 0x9f, 0x1d,
data/libtomcrypt-1.18.2/src/stream/sober128/sober128_test.c:26:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char src[20], dst[20];
data/libtomcrypt-1.18.2/tests/base64_test.c:14:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char in[64], out[256], tmp[64];
data/libtomcrypt-1.18.2/tests/der_test.c:241:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/libtomcrypt-1.18.2/tests/der_test.c:442:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[sizeof(_der_tests_cacert_root_cert)];
data/libtomcrypt-1.18.2/tests/der_test.c:602:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char strs[10][10], outbuf[128];
data/libtomcrypt-1.18.2/tests/der_test.c:637:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[0], "one");
data/libtomcrypt-1.18.2/tests/der_test.c:638:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[1], "one2");
data/libtomcrypt-1.18.2/tests/der_test.c:639:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[2], "two");
data/libtomcrypt-1.18.2/tests/der_test.c:640:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[3], "aaa");
data/libtomcrypt-1.18.2/tests/der_test.c:641:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[4], "aaaa");
data/libtomcrypt-1.18.2/tests/der_test.c:642:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[5], "aab");
data/libtomcrypt-1.18.2/tests/der_test.c:643:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[6], "aaab");
data/libtomcrypt-1.18.2/tests/der_test.c:644:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[7], "bbb");
data/libtomcrypt-1.18.2/tests/der_test.c:645:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[8], "bbba");
data/libtomcrypt-1.18.2/tests/der_test.c:646:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char*)strs[9], "bbbb");
data/libtomcrypt-1.18.2/tests/der_test.c:711:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char encode_buf[192];
data/libtomcrypt-1.18.2/tests/der_test.c:744:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("t.bin", "wb");
data/libtomcrypt-1.18.2/tests/der_test.c:1037:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bitbuf[10], octetbuf[10], ia5buf[10], printbuf[10], outbuf[256], x, y;
data/libtomcrypt-1.18.2/tests/der_test.c:1103:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2048];
data/libtomcrypt-1.18.2/tests/der_test.c:1119:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3][2048];
data/libtomcrypt-1.18.2/tests/der_test.c:1145:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char utf8_buf[32];
data/libtomcrypt-1.18.2/tests/der_test.c:1146:4: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t utf8_out[32];
data/libtomcrypt-1.18.2/tests/dh_test.c:64:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/libtomcrypt-1.18.2/tests/dh_test.c:154:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4096];
data/libtomcrypt-1.18.2/tests/dh_test.c:366:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3][4096];
data/libtomcrypt-1.18.2/tests/dsa_test.c:135:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[1024], buf[1024];
data/libtomcrypt-1.18.2/tests/dsa_test.c:137:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key_parts[5][256];
data/libtomcrypt-1.18.2/tests/dsa_test.c:281:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char derkey[838];
data/libtomcrypt-1.18.2/tests/dsa_test.c:283:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[32];
data/libtomcrypt-1.18.2/tests/dsa_test.c:322:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[16], out[1024], out2[1024], ch;
data/libtomcrypt-1.18.2/tests/ecc_test.c:46:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[ECC_BUF_SIZE];
data/libtomcrypt-1.18.2/tests/ecc_test.c:118:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4][4096], ch;
data/libtomcrypt-1.18.2/tests/file_test.c:18:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[32] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
data/libtomcrypt-1.18.2/tests/file_test.c:20:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[200];
data/libtomcrypt-1.18.2/tests/file_test.c:27:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exp_sha256[32] = { 0x76, 0xEC, 0x7F, 0xAE, 0xBD, 0xC4, 0x2A, 0x4D, 0xE3, 0x5C, 0xA7, 0x00, 0x24, 0xC2, 0xD2, 0x73,
data/libtomcrypt-1.18.2/tests/file_test.c:33:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((in = fopen(fname, "rb")) == NULL) return CRYPT_FILE_NOTFOUND;
data/libtomcrypt-1.18.2/tests/file_test.c:45:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exp_hmacsha256[32] = { 0xE4, 0x07, 0x74, 0x95, 0xF1, 0xF8, 0x5B, 0xB5, 0xF1, 0x4F, 0x7D, 0x4F, 0x59, 0x8E, 0x4B, 0xBC,
data/libtomcrypt-1.18.2/tests/file_test.c:54:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exp_omacaes[16] = { 0x50, 0xB4, 0x6C, 0x62, 0xE9, 0xCA, 0x48, 0xFC, 0x38, 0x8D, 0xF4, 0xA2, 0x7D, 0x6A, 0x1E, 0xD8 };
data/libtomcrypt-1.18.2/tests/file_test.c:62:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exp_pmacaes[16] = { 0x7D, 0x65, 0xF0, 0x75, 0x4F, 0x8D, 0xE2, 0xB0, 0xE4, 0xFA, 0x54, 0x4E, 0x45, 0x01, 0x36, 0x1B };
data/libtomcrypt-1.18.2/tests/file_test.c:70:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exp_xcbcaes[16] = { 0x9C, 0x73, 0xA2, 0xD7, 0x90, 0xA5, 0x86, 0x25, 0x4D, 0x3C, 0x8A, 0x6A, 0x24, 0x6D, 0xD1, 0xAB };
data/libtomcrypt-1.18.2/tests/file_test.c:78:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exp_f9aes[16] = { 0x6B, 0x6A, 0x18, 0x34, 0x13, 0x8E, 0x01, 0xEF, 0x33, 0x8E, 0x7A, 0x3F, 0x5B, 0x9A, 0xA6, 0x7A };
data/libtomcrypt-1.18.2/tests/file_test.c:86:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exp_poly1305[16] = { 0xD0, 0xC7, 0xFB, 0x13, 0xA8, 0x87, 0x84, 0x23, 0x21, 0xCC, 0xA9, 0x43, 0x81, 0x18, 0x75, 0xBE };
data/libtomcrypt-1.18.2/tests/file_test.c:94:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exp_blake2smac[16] = { 0x4f, 0x94, 0x45, 0x15, 0xcd, 0xd1, 0xca, 0x02, 0x1a, 0x0c, 0x7a, 0xe4, 0x6d, 0x2f, 0xe8, 0xb3 };
data/libtomcrypt-1.18.2/tests/file_test.c:102:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char exp_blake2bmac[16] = { 0xdf, 0x0e, 0x7a, 0xab, 0x96, 0x6b, 0x75, 0x4e, 0x52, 0x6a, 0x43, 0x96, 0xbd, 0xef, 0xab, 0x44 };
data/libtomcrypt-1.18.2/tests/katja_test.c:15:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char in[1024], out[1024], tmp[1024];
data/libtomcrypt-1.18.2/tests/modes_test.c:25:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pt[64], ct[64], tmp[64], key[16], iv[16], iv2[16];
data/libtomcrypt-1.18.2/tests/mpi_test.c:114:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key_parts[4][256];
data/libtomcrypt-1.18.2/tests/multi_test.c:14:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[32] = { 0 };
data/libtomcrypt-1.18.2/tests/multi_test.c:15:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2][MAXBLOCKSIZE];
data/libtomcrypt-1.18.2/tests/no_prng.c:21:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/libtomcrypt-1.18.2/tests/no_prng.c:22:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char entropy[1024];
data/libtomcrypt-1.18.2/tests/no_prng.c:59:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(no_prng->entropy, in, no_prng->len);
data/libtomcrypt-1.18.2/tests/no_prng.c:93:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, &no_prng->entropy[no_prng->offset], outlen);
data/libtomcrypt-1.18.2/tests/pkcs_1_eme_test.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256], obuf[256];
data/libtomcrypt-1.18.2/tests/pkcs_1_emsa_test.c:43:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[20], obuf[256];
data/libtomcrypt-1.18.2/tests/pkcs_1_oaep_test.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256], obuf[256];
data/libtomcrypt-1.18.2/tests/pkcs_1_pss_test.c:46:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[20], obuf[256];
data/libtomcrypt-1.18.2/tests/pkcs_1_test.c:21:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3][128];
data/libtomcrypt-1.18.2/tests/prng_test.c:33:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4096] = { 0 };
data/libtomcrypt-1.18.2/tests/rsa_test.c:185:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024], key_parts[8][128];
data/libtomcrypt-1.18.2/tests/rsa_test.c:316:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4096];
data/libtomcrypt-1.18.2/tests/rsa_test.c:348:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char in[1024], out[1024], tmp[3072];
data/libtomcrypt-1.18.2/tests/store_test.c:14:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256];
data/libtomcrypt-1.18.2/demos/ltcrypt.c:125:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((err = hash_memory(hash_idx,tmpkey,strlen((char *)tmpkey),key,&outlen)) != CRYPT_OK) {
data/libtomcrypt-1.18.2/demos/openssl-enc.c:364:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pkcs_5_alg1_openssl((unsigned char*)argv[4], strlen(argv[4]), salt,
data/libtomcrypt-1.18.2/demos/timing.c:619:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define DO1 if (prng_descriptor[x].read(buf, 4096, &tprng) != 4096) { fprintf(stderr, "\n\nERROR READ != 4096\n\n"); exit(EXIT_FAILURE); }
data/libtomcrypt-1.18.2/src/encauth/chachapoly/chacha20poly1305_test.c:34:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long mlen = strlen(m);
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:433:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:480:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:533:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2b.c:574:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blake2b_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:423:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:467:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:509:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/blake2s.c:549:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blake2s_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/chc/chc.c:288:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chc_process(&md, tests[i].msg, strlen((char *)tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/md2.c:235:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/md4.c:289:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
md4_process(&md, (unsigned char *)tests[i].input, (unsigned long)strlen(tests[i].input));
data/libtomcrypt-1.18.2/src/hashes/md5.c:350:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/rmd128.c:391:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rmd128_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/rmd160.c:450:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rmd160_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/rmd256.c:416:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rmd256_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/rmd320.c:481:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rmd320_process(&md, (unsigned char *)tests[i].msg, strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/sha1.c:270:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/sha2/sha224.c:114:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/sha2/sha256.c:318:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/sha2/sha384.c:120:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512.c:296:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_224.c:116:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha512_224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/sha2/sha512_256.c:116:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha512_256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/hashes/tiger.c:774:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
data/libtomcrypt-1.18.2/src/headers/tomcrypt_prng.h:110:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned long (*read)(unsigned char *out, unsigned long outlen, prng_state *prng);
data/libtomcrypt-1.18.2/src/mac/poly1305/poly1305_test.c:28:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long len = 16, mlen = strlen(m);
data/libtomcrypt-1.18.2/src/math/gmp_desc.c:155:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = XMALLOC (1 + 2 * strlen (b));
data/libtomcrypt-1.18.2/src/math/rand_bn.c:34:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[wprng].read(buf, bytes, prng) != (unsigned long)bytes) {
data/libtomcrypt-1.18.2/src/math/rand_prime.c:53:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[wprng].read(buf, len, prng) != (unsigned long)len) {
data/libtomcrypt-1.18.2/src/misc/adler32.c:119:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
adler32_update(&ctx, in, strlen(in));
data/libtomcrypt-1.18.2/src/misc/crc32.c:190:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
crc32_update(&ctx, in, strlen(in));
data/libtomcrypt-1.18.2/src/pk/dh/dh_generate_key.c:75:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[wprng].read(buf, keysize, prng) != keysize) {
data/libtomcrypt-1.18.2/src/pk/dsa/dsa_generate_pqg.c:130:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[wprng].read(sbuf, seedbytes, prng) != seedbytes) { err = CRYPT_ERROR_READPRNG; goto cleanup; }
data/libtomcrypt-1.18.2/src/pk/ecc/ecc_make_key.c:77:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[wprng].read(buf, (unsigned long)keysize, prng) != (unsigned long)keysize) {
data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_oaep_encode.c:109:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[prng_idx].read(seed, hLen, prng) != hLen) {
data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_pss_encode.c:87:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[prng_idx].read(salt, saltlen, prng) != saltlen) {
data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_v1_5_encode.c:75:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[prng_idx].read(ps, ps_len, prng) != ps_len) {
data/libtomcrypt-1.18.2/src/pk/pkcs1/pkcs_1_v1_5_encode.c:83:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[prng_idx].read(&ps[i], 1, prng) != 1) {
data/libtomcrypt-1.18.2/src/stream/chacha/chacha_test.c:42:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(pt);
data/libtomcrypt-1.18.2/tests/base64_test.c:64:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen1 = strlen(url_cases[x].s);
data/libtomcrypt-1.18.2/tests/base64_test.c:79:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (compare_testvector(tmp, l2, url_cases[x].s, strlen(url_cases[x].s), "base64url encode", x)) {
data/libtomcrypt-1.18.2/tests/base64_test.c:92:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen1 = strlen(cases[x].s);
data/libtomcrypt-1.18.2/tests/base64_test.c:97:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (compare_testvector(out, l1, cases[x].b64, strlen(cases[x].b64), "base64 encode", x) ||
data/libtomcrypt-1.18.2/tests/der_test.c:649:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
LTC_SET_ASN1(list, x, LTC_ASN1_PRINTABLE_STRING, strs[x], strlen((char*)strs[x]));
data/libtomcrypt-1.18.2/tests/der_test.c:664:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(strlen((char*)strs[x-1]) <= strlen((char*)strs[x])) && strcmp((char*)strs[x-1], (char*)strs[x]) >= 0) {
data/libtomcrypt-1.18.2/tests/der_test.c:664:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(strlen((char*)strs[x-1]) <= strlen((char*)strs[x])) && strcmp((char*)strs[x-1], (char*)strs[x]) >= 0) {
data/libtomcrypt-1.18.2/tests/der_test.c:717:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
LTC_SET_ASN1(static_list[0], 0, LTC_ASN1_PRINTABLE_STRING, (void *)printable_str, strlen(printable_str));
data/libtomcrypt-1.18.2/tests/der_test.c:718:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
LTC_SET_ASN1(static_list[0], 1, LTC_ASN1_IA5_STRING, (void *)ia5_str, strlen(ia5_str));
data/libtomcrypt-1.18.2/tests/der_test.c:734:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
LTC_SET_ASN1(static_list[4], 0, LTC_ASN1_PRINTABLE_STRING, set1_str, strlen(set1_str));
data/libtomcrypt-1.18.2/tests/der_test.c:735:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
LTC_SET_ASN1(static_list[4], 1, LTC_ASN1_PRINTABLE_STRING, set2_str, strlen(set2_str));
data/libtomcrypt-1.18.2/tests/der_test.c:785:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (l->size != strlen(printable_str) || memcmp(printable_str, l->data, l->size)) {
data/libtomcrypt-1.18.2/tests/der_test.c:805:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (l->size != strlen(ia5_str) || memcmp(ia5_str, l->data, l->size)) {
data/libtomcrypt-1.18.2/tests/der_test.c:1009:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (l->size != strlen(set2_str) || memcmp(set2_str, l->data, l->size)) {
data/libtomcrypt-1.18.2/tests/der_test.c:1024:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (l->size != strlen(set1_str) || memcmp(set1_str, l->data, l->size)) {
data/libtomcrypt-1.18.2/tests/der_test.c:1323:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DO(der_encode_ia5_string(rsa_ia5, strlen((char*)rsa_ia5), buf[0], &x));
data/libtomcrypt-1.18.2/tests/der_test.c:1328:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DO(der_length_ia5_string(rsa_ia5, strlen((char*)rsa_ia5), &y));
data/libtomcrypt-1.18.2/tests/der_test.c:1335:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (y != strlen((char*)rsa_ia5) || memcmp(buf[1], rsa_ia5, strlen((char*)rsa_ia5))) {
data/libtomcrypt-1.18.2/tests/der_test.c:1335:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (y != strlen((char*)rsa_ia5) || memcmp(buf[1], rsa_ia5, strlen((char*)rsa_ia5))) {
data/libtomcrypt-1.18.2/tests/der_test.c:1342:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DO(der_encode_printable_string(rsa_printable, strlen((char*)rsa_printable), buf[0], &x));
data/libtomcrypt-1.18.2/tests/der_test.c:1347:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DO(der_length_printable_string(rsa_printable, strlen((char*)rsa_printable), &y));
data/libtomcrypt-1.18.2/tests/der_test.c:1354:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (y != strlen((char*)rsa_printable) || memcmp(buf[1], rsa_printable, strlen((char*)rsa_printable))) {
data/libtomcrypt-1.18.2/tests/der_test.c:1354:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (y != strlen((char*)rsa_printable) || memcmp(buf[1], rsa_printable, strlen((char*)rsa_printable))) {
data/libtomcrypt-1.18.2/tests/dsa_test.c:288:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DO(base64_decode((unsigned char*)b64key, strlen(b64key), derkey, &derlen));
data/libtomcrypt-1.18.2/tests/mpi_test.c:109:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 16, ghex, strlen(ghex)+1, phex, strlen(phex)+1, xhex, strlen(xhex)+1, yhex, strlen(yhex)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:109:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 16, ghex, strlen(ghex)+1, phex, strlen(phex)+1, xhex, strlen(xhex)+1, yhex, strlen(yhex)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:109:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 16, ghex, strlen(ghex)+1, phex, strlen(phex)+1, xhex, strlen(xhex)+1, yhex, strlen(yhex)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:109:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 16, ghex, strlen(ghex)+1, phex, strlen(phex)+1, xhex, strlen(xhex)+1, yhex, strlen(yhex)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:110:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 47, gr47, strlen(gr47)+1, pr47, strlen(pr47)+1, xr47, strlen(xr47)+1, yr47, strlen(yr47)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:110:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 47, gr47, strlen(gr47)+1, pr47, strlen(pr47)+1, xr47, strlen(xr47)+1, yr47, strlen(yr47)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:110:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 47, gr47, strlen(gr47)+1, pr47, strlen(pr47)+1, xr47, strlen(xr47)+1, yr47, strlen(yr47)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:110:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 47, gr47, strlen(gr47)+1, pr47, strlen(pr47)+1, xr47, strlen(xr47)+1, yr47, strlen(yr47)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:111:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 64, gr64, strlen(gr64)+1, pr64, strlen(pr64)+1, xr64, strlen(xr64)+1, yr64, strlen(yr64)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:111:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 64, gr64, strlen(gr64)+1, pr64, strlen(pr64)+1, xr64, strlen(xr64)+1, yr64, strlen(yr64)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:111:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 64, gr64, strlen(gr64)+1, pr64, strlen(pr64)+1, xr64, strlen(xr64)+1, yr64, strlen(yr64)+1 },
data/libtomcrypt-1.18.2/tests/mpi_test.c:111:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ 64, gr64, strlen(gr64)+1, pr64, strlen(pr64)+1, xr64, strlen(xr64)+1, yr64, strlen(yr64)+1 },
data/libtomcrypt-1.18.2/tests/prng_test.c:79:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (prng_descriptor[x].read(buf, 100, &nprng) != 100) {
data/libtomcrypt-1.18.2/tests/test.c:355:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(test_functions[i].name);
data/libtomcrypt-1.18.2/tests/test.c:379:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dots = fn_len - strlen(test_functions[i].name);
ANALYSIS SUMMARY:
Hits = 636
Lines analyzed = 90915 in approximately 4.65 seconds (19554 lines/second)
Physical Source Lines of Code (SLOC) = 62532
Hits@level = [0] 1118 [1] 82 [2] 548 [3] 2 [4] 4 [5] 0
Hits@level+ = [0+] 1754 [1+] 636 [2+] 554 [3+] 6 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 28.0496 [1+] 10.1708 [2+] 8.85946 [3+] 0.0959509 [4+] 0.0639672 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.