Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c
Examining data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.h
Examining data/mokutil-0.3.0+1538710437.fb6250f/src/signature.h
Examining data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c

FINAL RESULTS:

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:812:17:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  crypt_string = crypt (password, settings);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:2047:17:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  crypt_string = crypt (password, settings);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:2315:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (files[i], argv[f_ind]);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:771:2:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom (tv.tv_sec ^ tv.tv_usec ^ getpid ());

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:774:20:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rand_str = l64a (random());

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:2189:7:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long (argc, argv, "cd:f:g::hi:lmpst:xDNPX",

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:74:2:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom (tv.tv_sec ^ tv.tv_usec ^ getpid ());

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:76:9:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  diff = random () % (max - min + 1);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:446:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  print_x509 ((char *)list[i].mok, list[i].mok_size);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:786:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char settings[SETTINGS_LEN];

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:822:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pw_crypt->hash, new_crypt.hash, hash_len);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:827:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pw_crypt->salt, new_crypt.salt, new_crypt.salt_size);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:836:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[BUF_SIZE];

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:840:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open (file, O_RDONLY);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1304:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open (files[i], O_RDONLY);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1347:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (new_list + real_size, old_req_data, old_req_data_size);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1544:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (CertData->SignatureData, db_hash, hash_size);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1549:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ptr, old_req_data, old_req_data_size);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1557:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ptr, (void *)mok_list[i].header, sig_list_size);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1566:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ptr, (void *)mok_list[i].header, sig_list_size);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1568:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ptr, (void *)&hash_type, sizeof(efi_guid_t));

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1570:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ptr, db_hash, hash_size);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1575:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ptr, (void *)mok_list[i].header, sig_list_size);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1635:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[PATH_MAX];

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1687:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open (filename, O_CREAT | O_WRONLY, mode);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1959:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open (key_file, O_RDONLY);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:2003:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char settings[SETTINGS_LEN];

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:49:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char b64t[64] =

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:148:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pw_crypt->salt, string, 2);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:150:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pw_crypt->hash, string, TRAD_DES_HASH_SIZE);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:161:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b64_hash[MD5_B64_LENGTH + 1];

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:173:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pw_crypt->salt, ptr, count);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:180:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (b64_hash, ptr, MD5_B64_LENGTH);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:194:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b64_hash[SHA256_B64_LENGTH + 1];

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:222:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pw_crypt->salt, ptr, count);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:232:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (b64_hash, ptr, SHA256_B64_LENGTH);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:246:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b64_hash[SHA512_B64_LENGTH + 1];

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:274:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pw_crypt->salt, ptr, count);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:284:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (b64_hash, ptr, SHA512_B64_LENGTH);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:315:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pw_crypt->salt, string, (22 + 7));

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:319:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pw_crypt->hash, string + 22 + 7, BLOWFISH_HASH_SIZE);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:214:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int i, src_len = strlen(src);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:775:3:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat (salt, rand_str, remain);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:776:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  remain = remain - strlen(rand_str);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:849:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ssize_t rc = read (fd, string + read_len, BUF_SIZE - read_len);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1313:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read_size = read (fd, ptr, sizes[i]);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1370:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int len = strlen (hash_str);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:1939:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  } while ((i = read (fd, buf + size, 1024)) > 0);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:2012:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pw_len = strlen (input_pw);

data/mokutil-0.3.0+1538710437.fb6250f/src/mokutil.c:2314:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  files[i] = malloc (strlen(argv[f_ind]) + 1);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:178:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ptr) != MD5_B64_LENGTH)

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:213:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (ptr) > SHA256_B64_LENGTH) {

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:230:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ptr) < SHA256_B64_LENGTH)

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:265:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (ptr) > SHA512_B64_LENGTH) {

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:282:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ptr) < SHA512_B64_LENGTH)

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:299:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(string) != (53 + 7))

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:332:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return decode_md5_pass (crypt_pass + strlen (md5_prefix), pw_crypt);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:337:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return decode_sha256_pass (crypt_pass + strlen (sha256_prefix), pw_crypt);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:342:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return decode_sha512_pass (crypt_pass + strlen (sha512_prefix), pw_crypt);

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:352:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (crypt_pass) == TRAD_DES_HASH_SIZE) {

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:413:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (string) != MD5_B64_LENGTH)

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:449:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (string) != SHA256_B64_LENGTH)

data/mokutil-0.3.0+1538710437.fb6250f/src/password-crypt.c:492:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (string) != SHA512_B64_LENGTH)

ANALYSIS SUMMARY:

Hits = 63
Lines analyzed = 3264 in approximately 0.09 seconds (38323 lines/second)
Physical Source Lines of Code (SLOC) = 2650
Hits@level = [0] 148 [1]  22 [2]  33 [3]   5 [4]   3 [5]   0
Hits@level+ = [0+] 211 [1+]  63 [2+]  41 [3+]   8 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 79.6226 [1+] 23.7736 [2+] 15.4717 [3+] 3.01887 [4+] 1.13208 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
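Two caveats when triaging the level-4 hits above. The crypt warning describes the traditional DES scheme; which scheme crypt(3) actually runs is selected by the prefix of the settings string, and the password-crypt.c hits in this same report (md5_prefix, sha256_prefix, sha512_prefix, BLOWFISH_HASH_SIZE) show the code handles the modern prefixed formats. The strcpy at mokutil.c:2315 is preceded by the malloc (strlen(argv[f_ind]) + 1) at line 2314 listed under the level-1 hits, so the destination is sized to the source; Flawfinder pattern-matches and does not track that. The level-3 srandom/random hits are the ones with real substance: a salt derived from srandom (tv.tv_sec ^ tv.tv_usec ^ getpid ()) is a function of a guessable seed.

The following is an added example, not code from mokutil or from Flawfinder, showing the flagged seeding pattern beside a hardened salt generator and a bounds-checked settings-string builder. Function names (weak_seed, weak_salt_from_seed, secure_salt, salt_is_valid, build_sha512_settings, the check_* helpers) and the 16-character salt length are choices made here; the example assumes a Unix system where /dev/urandom is readable.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/time.h>
#include <unistd.h>

/* The 64-character alphabet crypt(3) accepts in a salt: ./0-9A-Za-z. */
static const char salt_alphabet[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
#define SALT_LEN 16   /* longest salt the SHA-crypt ($5$/$6$) schemes use */

/* Seed of the flagged pattern: seconds ^ microseconds ^ pid. Anyone who knows
 * roughly when the hash was made can enumerate every candidate seed. */
unsigned weak_seed(void)
{
    struct timeval tv;
    gettimeofday(&tv, NULL);
    return (unsigned)(tv.tv_sec ^ tv.tv_usec ^ getpid());
}

/* WEAK, mirroring the [3] srandom/random hits: the salt is a pure function of
 * the seed, so a guessed seed reproduces it. Kept only for contrast. */
int weak_salt_from_seed(unsigned seed, char *out, size_t out_len)
{
    if (out_len < SALT_LEN + 1)
        return -1;
    srandom(seed);
    for (size_t i = 0; i < SALT_LEN; i++)
        out[i] = salt_alphabet[random() % 64];   /* unbiased, but no entropy */
    out[SALT_LEN] = '\0';
    return 0;
}

/* HARDENED: take the salt from the kernel CSPRNG (assumes /dev/urandom). Open
 * failures and short reads are errors, never a silent fallback to a weak source. */
int secure_salt(char *out, size_t out_len)
{
    unsigned char raw[SALT_LEN];
    if (out_len < SALT_LEN + 1)
        return -1;
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t got = fread(raw, 1, sizeof raw, f);
    fclose(f);
    if (got != sizeof raw)
        return -1;
    for (size_t i = 0; i < SALT_LEN; i++)
        out[i] = salt_alphabet[raw[i] & 63];   /* 256 % 64 == 0: no modulo bias */
    out[SALT_LEN] = '\0';
    return 0;
}

/* Exactly SALT_LEN characters, all from the alphabet: a stray '$' would end the
 * salt field early and change which bytes crypt() actually uses. */
int salt_is_valid(const char *salt)
{
    if (salt == NULL || strlen(salt) != SALT_LEN)
        return 0;
    for (size_t i = 0; i < SALT_LEN; i++)
        if (strchr(salt_alphabet, salt[i]) == NULL)
            return 0;
    return 1;
}

/* "$6$<salt>$" selects SHA-512 crypt. Built with snprintf (the bounds-checked
 * replacement Flawfinder suggests for strcpy) and the result length is checked. */
int build_sha512_settings(char *out, size_t out_len, const char *salt)
{
    if (!salt_is_valid(salt))
        return -1;
    int n = snprintf(out, out_len, "$6$%s$", salt);
    return (n < 0 || (size_t)n >= out_len) ? -1 : 0;
}

/* Self-checks, each returning 1 on success. */
int check_weak_salt_is_seed_determined(void)
{
    char a[SALT_LEN + 1], b[SALT_LEN + 1];
    return weak_salt_from_seed(12345u, a, sizeof a) == 0 &&
           weak_salt_from_seed(12345u, b, sizeof b) == 0 &&
           strcmp(a, b) == 0;   /* same seed, same salt: that is the weakness */
}

int check_secure_salt(void)
{
    char a[SALT_LEN + 1], b[SALT_LEN + 1];
    /* Two independent draws colliding has probability 64^-16; count it as failure. */
    return secure_salt(a, sizeof a) == 0 && secure_salt(b, sizeof b) == 0 &&
           salt_is_valid(a) && salt_is_valid(b) && strcmp(a, b) != 0;
}

int check_settings_shape(void)
{
    char salt[SALT_LEN + 1], cfg[SALT_LEN + 5], small[4];
    if (secure_salt(salt, sizeof salt) != 0)
        return 0;
    /* Must refuse a salt containing '$' and a destination too small for the result. */
    if (build_sha512_settings(cfg, sizeof cfg, "abc$defghijklmno") != -1 ||
        build_sha512_settings(small, sizeof small, salt) != -1)
        return 0;
    if (build_sha512_settings(cfg, sizeof cfg, salt) != 0)
        return 0;
    return strncmp(cfg, "$6$", 3) == 0 && cfg[3 + SALT_LEN] == '$' &&
           strlen(cfg) == SALT_LEN + 4;
}
```

The settings string returned by build_sha512_settings is what would be passed as the second argument of crypt() in place of a DES-style two-character salt; on a glibc with getrandom(2), replacing the /dev/urandom read with that call removes the file-descriptor dependency without changing the rest.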