Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libtommath-1.2.0/tommath_superclass.h
Examining data/libtommath-1.2.0/bn_mp_kronecker.c
Examining data/libtommath-1.2.0/bn_deprecated.c
Examining data/libtommath-1.2.0/bn_s_mp_rand_jenkins.c
Examining data/libtommath-1.2.0/bn_mp_mod_d.c
Examining data/libtommath-1.2.0/bn_mp_init_copy.c
Examining data/libtommath-1.2.0/bn_s_mp_karatsuba_sqr.c
Examining data/libtommath-1.2.0/bn_mp_incr.c
Examining data/libtommath-1.2.0/bn_mp_log_u32.c
Examining data/libtommath-1.2.0/mtest/mpi.h
Examining data/libtommath-1.2.0/mtest/mpi-config.h
Examining data/libtommath-1.2.0/mtest/mpi.c
Examining data/libtommath-1.2.0/mtest/mpi-types.h
Examining data/libtommath-1.2.0/mtest/logtab.h
Examining data/libtommath-1.2.0/mtest/mtest.c
Examining data/libtommath-1.2.0/bn_mp_invmod.c
Examining data/libtommath-1.2.0/bn_s_mp_toom_sqr.c
Examining data/libtommath-1.2.0/bn_mp_clear.c
Examining data/libtommath-1.2.0/bn_mp_get_i32.c
Examining data/libtommath-1.2.0/bn_s_mp_sqr_fast.c
Examining data/libtommath-1.2.0/bn_mp_div_2.c
Examining data/libtommath-1.2.0/bn_mp_submod.c
Examining data/libtommath-1.2.0/bn_mp_exch.c
Examining data/libtommath-1.2.0/bn_mp_to_ubin.c
Examining data/libtommath-1.2.0/bn_mp_mulmod.c
Examining data/libtommath-1.2.0/bn_cutoffs.c
Examining data/libtommath-1.2.0/bn_mp_and.c
Examining data/libtommath-1.2.0/bn_s_mp_add.c
Examining data/libtommath-1.2.0/bn_mp_from_sbin.c
Examining data/libtommath-1.2.0/bn_mp_get_i64.c
Examining data/libtommath-1.2.0/bn_s_mp_rand_platform.c
Examining data/libtommath-1.2.0/bn_mp_init_i32.c
Examining data/libtommath-1.2.0/bn_mp_cmp_d.c
Examining data/libtommath-1.2.0/bn_mp_or.c
Examining data/libtommath-1.2.0/bn_prime_tab.c
Examining data/libtommath-1.2.0/bn_mp_addmod.c
Examining data/libtommath-1.2.0/bn_s_mp_mul_digs.c
Examining data/libtommath-1.2.0/bn_mp_init_ull.c
Examining data/libtommath-1.2.0/bn_mp_to_radix.c
Examining data/libtommath-1.2.0/bn_mp_isodd.c
Examining data/libtommath-1.2.0/bn_mp_init_u32.c
Examining data/libtommath-1.2.0/bn_mp_signed_rsh.c
Examining data/libtommath-1.2.0/bn_mp_dr_is_modulus.c
Examining data/libtommath-1.2.0/bn_mp_init.c
Examining data/libtommath-1.2.0/bn_mp_init_multi.c
Examining data/libtommath-1.2.0/bn_mp_get_l.c
Examining data/libtommath-1.2.0/bn_mp_iseven.c
Examining data/libtommath-1.2.0/bn_mp_unpack.c
Examining data/libtommath-1.2.0/bn_s_mp_get_bit.c
Examining data/libtommath-1.2.0/bn_s_mp_mul_digs_fast.c
Examining data/libtommath-1.2.0/bn_mp_div_d.c
Examining data/libtommath-1.2.0/bn_mp_div_2d.c
Examining data/libtommath-1.2.0/bn_mp_set_ull.c
Examining data/libtommath-1.2.0/bn_mp_get_mag_u64.c
Examining data/libtommath-1.2.0/bn_mp_init_i64.c
Examining data/libtommath-1.2.0/bn_mp_xor.c
Examining data/libtommath-1.2.0/bn_mp_radix_smap.c
Examining data/libtommath-1.2.0/bn_mp_set_l.c
Examining data/libtommath-1.2.0/bn_mp_div_3.c
Examining data/libtommath-1.2.0/bn_mp_mod.c
Examining data/libtommath-1.2.0/bn_mp_get_ll.c
Examining data/libtommath-1.2.0/bn_mp_complement.c
Examining data/libtommath-1.2.0/pre_gen/mpi.c
Examining data/libtommath-1.2.0/bn_mp_add.c
Examining data/libtommath-1.2.0/bn_mp_init_u64.c
Examining data/libtommath-1.2.0/bn_mp_reduce_is_2k.c
Examining data/libtommath-1.2.0/bn_mp_set_double.c
Examining data/libtommath-1.2.0/bn_mp_rand.c
Examining data/libtommath-1.2.0/bn_mp_mul_2.c
Examining data/libtommath-1.2.0/bn_s_mp_sqr.c
Examining data/libtommath-1.2.0/bn_s_mp_prime_is_divisible.c
Examining data/libtommath-1.2.0/bn_mp_cnt_lsb.c
Examining data/libtommath-1.2.0/bn_mp_get_mag_ull.c
Examining data/libtommath-1.2.0/bn_mp_prime_next_prime.c
Examining data/libtommath-1.2.0/bn_s_mp_sub.c
Examining data/libtommath-1.2.0/bn_mp_set_i32.c
Examining data/libtommath-1.2.0/bn_mp_prime_frobenius_underwood.c
Examining data/libtommath-1.2.0/bn_mp_mul_d.c
Examining data/libtommath-1.2.0/tommath_cutoffs.h
Examining data/libtommath-1.2.0/bn_mp_copy.c
Examining data/libtommath-1.2.0/bn_mp_mul.c
Examining data/libtommath-1.2.0/bn_mp_reduce_2k_setup_l.c
Examining data/libtommath-1.2.0/bn_mp_prime_rand.c
Examining data/libtommath-1.2.0/bn_mp_set.c
Examining data/libtommath-1.2.0/bn_mp_ubin_size.c
Examining data/libtommath-1.2.0/bn_mp_neg.c
Examining data/libtommath-1.2.0/bn_mp_montgomery_setup.c
Examining data/libtommath-1.2.0/bn_mp_montgomery_calc_normalization.c
Examining data/libtommath-1.2.0/bn_mp_count_bits.c
Examining data/libtommath-1.2.0/bn_mp_radix_size.c
Examining data/libtommath-1.2.0/bn_mp_sbin_size.c
Examining data/libtommath-1.2.0/bn_s_mp_mul_high_digs_fast.c
Examining data/libtommath-1.2.0/bn_mp_sub_d.c
Examining data/libtommath-1.2.0/bn_mp_lcm.c
Examining data/libtommath-1.2.0/demo/mtest_opponent.c
Examining data/libtommath-1.2.0/demo/test.c
Examining data/libtommath-1.2.0/demo/shared.c
Examining data/libtommath-1.2.0/demo/timing.c
Examining data/libtommath-1.2.0/demo/shared.h
Examining data/libtommath-1.2.0/bn_mp_reduce_2k.c
Examining data/libtommath-1.2.0/bn_mp_set_u64.c
Examining data/libtommath-1.2.0/bn_mp_from_ubin.c
Examining data/libtommath-1.2.0/bn_mp_root_u32.c
Examining data/libtommath-1.2.0/bn_mp_mul_2d.c
Examining data/libtommath-1.2.0/bn_mp_sqrtmod_prime.c
Examining data/libtommath-1.2.0/bn_s_mp_balance_mul.c
Examining data/libtommath-1.2.0/bn_mp_reduce_is_2k_l.c
Examining data/libtommath-1.2.0/bn_mp_clamp.c
Examining data/libtommath-1.2.0/bn_mp_get_mag_ul.c
Examining data/libtommath-1.2.0/bn_mp_reduce.c
Examining data/libtommath-1.2.0/bn_mp_init_size.c
Examining data/libtommath-1.2.0/bn_s_mp_invmod_slow.c
Examining data/libtommath-1.2.0/bn_mp_zero.c
Examining data/libtommath-1.2.0/bn_mp_prime_is_prime.c
Examining data/libtommath-1.2.0/bn_mp_set_i64.c
Examining data/libtommath-1.2.0/bn_s_mp_invmod_fast.c
Examining data/libtommath-1.2.0/bn_mp_dr_setup.c
Examining data/libtommath-1.2.0/bn_mp_reduce_2k_l.c
Examining data/libtommath-1.2.0/bn_mp_prime_fermat.c
Examining data/libtommath-1.2.0/bn_mp_grow.c
Examining data/libtommath-1.2.0/bn_mp_init_ul.c
Examining data/libtommath-1.2.0/bn_mp_cmp_mag.c
Examining data/libtommath-1.2.0/bn_mp_set_ul.c
Examining data/libtommath-1.2.0/bn_mp_is_square.c
Examining data/libtommath-1.2.0/bn_mp_fwrite.c
Examining data/libtommath-1.2.0/bn_mp_cmp.c
Examining data/libtommath-1.2.0/bn_mp_pack.c
Examining data/libtommath-1.2.0/bn_mp_init_set.c
Examining data/libtommath-1.2.0/bn_mp_prime_rabin_miller_trials.c
Examining data/libtommath-1.2.0/bn_s_mp_montgomery_reduce_fast.c
Examining data/libtommath-1.2.0/bn_mp_abs.c
Examining data/libtommath-1.2.0/bn_s_mp_mul_high_digs.c
Examining data/libtommath-1.2.0/bn_mp_reduce_setup.c
Examining data/libtommath-1.2.0/bn_mp_rshd.c
Examining data/libtommath-1.2.0/bn_mp_exteuclid.c
Examining data/libtommath-1.2.0/bn_s_mp_karatsuba_mul.c
Examining data/libtommath-1.2.0/bn_mp_sqrt.c
Examining data/libtommath-1.2.0/bn_mp_lshd.c
Examining data/libtommath-1.2.0/bn_mp_shrink.c
Examining data/libtommath-1.2.0/bn_mp_get_double.c
Examining data/libtommath-1.2.0/bn_mp_clear_multi.c
Examining data/libtommath-1.2.0/bn_mp_set_u32.c
Examining data/libtommath-1.2.0/bn_mp_expt_u32.c
Examining data/libtommath-1.2.0/tommath_private.h
Examining data/libtommath-1.2.0/bn_s_mp_reverse.c
Examining data/libtommath-1.2.0/bn_mp_sqr.c
Examining data/libtommath-1.2.0/bn_mp_exptmod.c
Examining data/libtommath-1.2.0/bn_mp_init_ll.c
Examining data/libtommath-1.2.0/bn_mp_pack_count.c
Examining data/libtommath-1.2.0/bn_mp_dr_reduce.c
Examining data/libtommath-1.2.0/etc/tune.c
Examining data/libtommath-1.2.0/etc/mont.c
Examining data/libtommath-1.2.0/etc/drprime.c
Examining data/libtommath-1.2.0/etc/2kprime.c
Examining data/libtommath-1.2.0/etc/pprime.c
Examining data/libtommath-1.2.0/etc/mersenne.c
Examining data/libtommath-1.2.0/bn_mp_to_sbin.c
Examining data/libtommath-1.2.0/bn_mp_add_d.c
Examining data/libtommath-1.2.0/bn_mp_set_ll.c
Examining data/libtommath-1.2.0/bn_s_mp_exptmod.c
Examining data/libtommath-1.2.0/bn_mp_read_radix.c
Examining data/libtommath-1.2.0/bn_mp_gcd.c
Examining data/libtommath-1.2.0/bn_mp_div.c
Examining data/libtommath-1.2.0/bn_mp_2expt.c
Examining data/libtommath-1.2.0/bn_mp_decr.c
Examining data/libtommath-1.2.0/bn_mp_mod_2d.c
Examining data/libtommath-1.2.0/bn_mp_prime_miller_rabin.c
Examining data/libtommath-1.2.0/bn_mp_get_mag_u32.c
Examining data/libtommath-1.2.0/bn_mp_reduce_2k_setup.c
Examining data/libtommath-1.2.0/bn_s_mp_exptmod_fast.c
Examining data/libtommath-1.2.0/bn_mp_init_l.c
Examining data/libtommath-1.2.0/bn_mp_montgomery_reduce.c
Examining data/libtommath-1.2.0/bn_mp_fread.c
Examining data/libtommath-1.2.0/bn_mp_error_to_string.c
Examining data/libtommath-1.2.0/bn_mp_sub.c
Examining data/libtommath-1.2.0/bn_mp_prime_strong_lucas_selfridge.c
Examining data/libtommath-1.2.0/tommath_class.h
Examining data/libtommath-1.2.0/bn_mp_sqrmod.c
Examining data/libtommath-1.2.0/bn_s_mp_toom_mul.c
Examining data/libtommath-1.2.0/tommath.h

FINAL RESULTS:

data/libtommath-1.2.0/demo/timing.c:104:26:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define FPRINTF(a,b,c,d) fprintf(a,b,c,d)
data/libtommath-1.2.0/mtest/mpi.c:22:20:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DIAG(T,V) {fprintf(stderr,T);mp_print(V,stderr);fputc('\n',stderr);}
data/libtommath-1.2.0/mtest/mpi.c:2246:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(ofp, DIGIT_FMT, DIGIT(mp, ix));
data/libtommath-1.2.0/demo/mtest_opponent.c:30:4:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
   srand(LTM_MTEST_RAND_SEED);
data/libtommath-1.2.0/demo/timing.c:142:4:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
   srand(LTM_TIMING_RAND_SEED);
data/libtommath-1.2.0/etc/mont.c:12:4:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
   srand(time(NULL));
data/libtommath-1.2.0/etc/pprime.c:384:4:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
   srand(time(NULL));
data/libtommath-1.2.0/mtest/mtest.c:159:4:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
   srand(23);
data/libtommath-1.2.0/bn_mp_is_square.c:7:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char rem_128[128] = {
data/libtommath-1.2.0/bn_mp_is_square.c:18:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char rem_105[105] = {
data/libtommath-1.2.0/bn_s_mp_rand_platform.c:94:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fd = open(MP_DEV_URANDOM, O_RDONLY);
data/libtommath-1.2.0/demo/mtest_opponent.c:22:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char cmd[4096];
data/libtommath-1.2.0/demo/mtest_opponent.c:23:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf[4096];
data/libtommath-1.2.0/demo/test.c:281:10:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
   tmp = tmpfile();
data/libtommath-1.2.0/demo/test.c:1190:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf[4096];
data/libtommath-1.2.0/demo/test.c:1255:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf[4096];
data/libtommath-1.2.0/demo/test.c:1483:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf[4096];
data/libtommath-1.2.0/demo/test.c:1885:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   const char *root[10][100] = {
data/libtommath-1.2.0/demo/timing.c:26:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf[4096];
data/libtommath-1.2.0/demo/timing.c:103:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define FOPEN(a,b)       fopen(a,b)
data/libtommath-1.2.0/etc/2kprime.c:9:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf[2000];
data/libtommath-1.2.0/etc/2kprime.c:19:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   out = fopen("2kprime.1", "w");
data/libtommath-1.2.0/etc/drprime.c:10:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf[4096];
data/libtommath-1.2.0/etc/drprime.c:17:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   out = fopen("drprimes.txt", "w");
data/libtommath-1.2.0/etc/pprime.c:39:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   out = fopen("pprime.dat", "wb");
data/libtommath-1.2.0/etc/pprime.c:160:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   primes = fopen("pprime.dat", "rb");
data/libtommath-1.2.0/etc/pprime.c:163:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      primes = fopen("pprime.dat", "rb");
data/libtommath-1.2.0/etc/pprime.c:334:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
         char buf[4096];
data/libtommath-1.2.0/etc/pprime.c:380:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char    buf[4096];
data/libtommath-1.2.0/etc/tune.c:290:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char mullog[256] = "multiplying";
data/libtommath-1.2.0/etc/tune.c:291:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char sqrlog[256] = "squaring";
data/libtommath-1.2.0/etc/tune.c:490:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      multiplying = fopen(mullog, "w+");
data/libtommath-1.2.0/etc/tune.c:496:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      squaring = fopen(sqrlog, "w+");
data/libtommath-1.2.0/mtest/mpi.c:155:37:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  #define  s_mp_copy(sp, dp, count) memcpy(dp, sp, (count) * sizeof(mp_digit))
data/libtommath-1.2.0/mtest/mpi.c:2737:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dp, sp, count * sizeof(mp_digit));
data/libtommath-1.2.0/mtest/mtest.c:52:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char buf[2048];
data/libtommath-1.2.0/mtest/mtest.c:76:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char buf[2048];
data/libtommath-1.2.0/mtest/mtest.c:107:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf[4096];
data/libtommath-1.2.0/mtest/mtest.c:149:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   rng = fopen("/dev/urandom", "rb");
data/libtommath-1.2.0/mtest/mtest.c:151:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      rng = fopen("/dev/random", "rb");
data/libtommath-1.2.0/pre_gen/mpi.c:2656:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char rem_128[128] = {
data/libtommath-1.2.0/pre_gen/mpi.c:2667:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char rem_105[105] = {
data/libtommath-1.2.0/pre_gen/mpi.c:8837:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fd = open(MP_DEV_URANDOM, O_RDONLY);
data/libtommath-1.2.0/bn_mp_fread.c:14:13:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   int ch = fgetc(stream);
data/libtommath-1.2.0/bn_mp_fread.c:17:12:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      ch = fgetc(stream);
data/libtommath-1.2.0/bn_mp_fread.c:50:19:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   } while ((ch = fgetc(stream)) != EOF);
data/libtommath-1.2.0/bn_s_mp_rand_platform.c:99:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      ssize_t ret = read(fd, p, n);
data/libtommath-1.2.0/demo/mtest_opponent.c:80:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      cmd[strlen(cmd) - 1u] = '\0';
data/libtommath-1.2.0/mtest/mtest.c:43:23:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define getRandChar() fgetc(rng)
data/libtommath-1.2.0/pre_gen/mpi.c:1936:13:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   int ch = fgetc(stream);
data/libtommath-1.2.0/pre_gen/mpi.c:1939:12:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      ch = fgetc(stream);
data/libtommath-1.2.0/pre_gen/mpi.c:1972:19:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   } while ((ch = fgetc(stream)) != EOF);
data/libtommath-1.2.0/pre_gen/mpi.c:8842:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      ssize_t ret = read(fd, p, n);

ANALYSIS SUMMARY:

Hits = 53
Lines analyzed = 30382 in approximately 0.77 seconds (39412 lines/second)
Physical Source Lines of Code (SLOC) = 19683
Hits@level = [0] 327 [1]  10 [2]  35 [3]   5 [4]   3 [5]   0
Hits@level+ = [0+] 380 [1+]  53 [2+]  43 [3+]   8 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 19.306 [1+] 2.69268 [2+] 2.18463 [3+] 0.406442 [4+] 0.152416 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
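What the raw report above does not do is separate signal from noise: every level 3 and 4 hit sits under demo/, mtest/ or etc/ (test harnesses and tuning tools, not the library), and each hit in pre_gen/mpi.c quotes exactly the same source line as a hit in one of the bn_*.c files, because pre_gen/mpi.c is the single-file build of those sources. The script below is an added example, not part of flawfinder or libtommath: it parses the FINAL RESULTS section into records, drops pre_gen/ hits that repeat a library hit, and groups the rest by source tree. It assumes the data/<package>/[subdir/]file layout seen above (ROOT_DEPTH) and that the amalgamation lives in a directory named pre_gen (AMALGAMATION_TREE); both are constants to adjust for another scan. The embedded SAMPLE is a constructed four-hit excerpt of this report.

```python
"""Triage a flawfinder text report (added example, not flawfinder's or
libtommath's code): parse FINAL RESULTS into records, drop amalgamation
hits that repeat a library hit, and group what remains by source tree."""
from __future__ import annotations

import re
from dataclasses import dataclass

# One hit header, e.g. "data/libtommath-1.2.0/demo/timing.c:104:26:  [4] (format) fprintf:"
HIT_RE = re.compile(r"^(?P<path>[^:\s]+):(?P<line>\d+):(?P<col>\d+):\s+"
                    r"\[(?P<level>\d)\]\s+\((?P<cat>\w+)\)\s+(?P<func>\w+):\s*$")
ROOT_DEPTH = 2                 # assumed layout: data/<package>/[subdir/]file
AMALGAMATION_TREE = "pre_gen"  # assumed: single-file build of the bn_*.c sources


@dataclass(frozen=True)
class Hit:
    path: str
    line: int
    level: int
    category: str
    function: str
    message: str
    snippet: str


def tree_of(path: str) -> str:
    """First directory below the package root, or 'lib' for files that sit
    directly in the root (libtommath's bn_*.c sources and headers)."""
    parts = path.split("/")
    return parts[ROOT_DEPTH] if len(parts) > ROOT_DEPTH + 1 else "lib"


def parse_report(text: str) -> list[Hit]:
    """A hit is a header, wrapped message lines, and exactly one trailing line
    quoting the flagged source line. The quoted source keeps its own
    indentation, so the split is positional (last line), not by whitespace."""
    lines = text.splitlines()
    i = lines.index("FINAL RESULTS:") + 1 if "FINAL RESULTS:" in lines else 0
    hits: list[Hit] = []
    while i < len(lines) and not lines[i].startswith("ANALYSIS SUMMARY:"):
        m = HIT_RE.match(lines[i])
        if m is None:
            i += 1
            continue
        j = i + 1
        while j < len(lines) and lines[j].strip() and not HIT_RE.match(lines[j]):
            j += 1
        body = lines[i + 1:j]
        if not body:
            raise ValueError(f"hit at report line {i + 1} has no source line")
        hits.append(Hit(m["path"], int(m["line"]), int(m["level"]), m["cat"],
                        m["func"], " ".join(s.strip() for s in body[:-1]),
                        body[-1].strip()))
        i = j
    return hits


def triage(hits: list[Hit]) -> dict[str, list[Hit]]:
    """Group by tree, dropping amalgamation hits that duplicate a library hit.
    Line numbers differ between bn_*.c and pre_gen/mpi.c, so the match is on
    (flagged function, quoted source line)."""
    lib_keys = {(h.function, h.snippet) for h in hits if tree_of(h.path) == "lib"}
    groups: dict[str, list[Hit]] = {}
    for h in hits:
        tree = tree_of(h.path)
        if tree == AMALGAMATION_TREE and (h.function, h.snippet) in lib_keys:
            continue
        groups.setdefault(tree, []).append(h)
    return groups


def max_level(hits: list[Hit]) -> int:
    """Highest risk level in the group, 0 for an empty group."""
    return max((h.level for h in hits), default=0)


# Constructed input: a four-hit excerpt of the report above.
SAMPLE = """FINAL RESULTS:

data/libtommath-1.2.0/demo/timing.c:104:26:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define FPRINTF(a,b,c,d) fprintf(a,b,c,d)
data/libtommath-1.2.0/bn_s_mp_rand_platform.c:94:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      fd = open(MP_DEV_URANDOM, O_RDONLY);
data/libtommath-1.2.0/bn_mp_fread.c:14:13:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   int ch = fgetc(stream);
data/libtommath-1.2.0/pre_gen/mpi.c:1936:13:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   int ch = fgetc(stream);

ANALYSIS SUMMARY:
"""

if __name__ == "__main__":
    for tree, group in sorted(triage(parse_report(SAMPLE)).items()):
        print(f"{tree:8} {len(group)} hit(s), worst level {max_level(group)}:",
              ", ".join(f"[{h.level}] {h.function}" for h in group))
```

Run it on the full report (python3 triage.py < report.txt after swapping SAMPLE for sys.stdin.read()) and the seven pre_gen/mpi.c hits collapse onto their bn_*.c originals, leaving the library proper with only level 1 and 2 hits: the two constant lookup tables in bn_mp_is_square.c, the open()/read() of MP_DEV_URANDOM, and the fgetc() loop in bn_mp_fread.c. Those are the findings worth a manual look; the srand() and non-constant fprintf() hits belong to test and tuning programs and are a separate, lower-priority conversation about whether that code should ever run on untrusted input.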