Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/openssl-3.0.0~~alpha4/apps/asn1pars.c
Examining data/openssl-3.0.0~~alpha4/apps/ca.c
Examining data/openssl-3.0.0~~alpha4/apps/ciphers.c
Examining data/openssl-3.0.0~~alpha4/apps/cmp.c
Examining data/openssl-3.0.0~~alpha4/apps/cmp_mock_srv.c
Examining data/openssl-3.0.0~~alpha4/apps/cmp_mock_srv.h
Examining data/openssl-3.0.0~~alpha4/apps/cms.c
Examining data/openssl-3.0.0~~alpha4/apps/crl.c
Examining data/openssl-3.0.0~~alpha4/apps/crl2p7.c
Examining data/openssl-3.0.0~~alpha4/apps/dgst.c
Examining data/openssl-3.0.0~~alpha4/apps/dhparam.c
Examining data/openssl-3.0.0~~alpha4/apps/dsa.c
Examining data/openssl-3.0.0~~alpha4/apps/dsaparam.c
Examining data/openssl-3.0.0~~alpha4/apps/ec.c
Examining data/openssl-3.0.0~~alpha4/apps/ecparam.c
Examining data/openssl-3.0.0~~alpha4/apps/enc.c
Examining data/openssl-3.0.0~~alpha4/apps/engine.c
Examining data/openssl-3.0.0~~alpha4/apps/errstr.c
Examining data/openssl-3.0.0~~alpha4/apps/fipsinstall.c
Examining data/openssl-3.0.0~~alpha4/apps/gendsa.c
Examining data/openssl-3.0.0~~alpha4/apps/genpkey.c
Examining data/openssl-3.0.0~~alpha4/apps/genrsa.c
Examining data/openssl-3.0.0~~alpha4/apps/include/app_params.h
Examining data/openssl-3.0.0~~alpha4/apps/include/apps.h
Examining data/openssl-3.0.0~~alpha4/apps/include/apps_ui.h
Examining data/openssl-3.0.0~~alpha4/apps/include/fmt.h
Examining data/openssl-3.0.0~~alpha4/apps/include/function.h
Examining data/openssl-3.0.0~~alpha4/apps/include/http_server.h
Examining data/openssl-3.0.0~~alpha4/apps/include/names.h
Examining data/openssl-3.0.0~~alpha4/apps/include/opt.h
Examining data/openssl-3.0.0~~alpha4/apps/include/platform.h
Examining data/openssl-3.0.0~~alpha4/apps/include/s_apps.h
Examining data/openssl-3.0.0~~alpha4/apps/include/vms_term_sock.h
Examining data/openssl-3.0.0~~alpha4/apps/info.c
Examining data/openssl-3.0.0~~alpha4/apps/kdf.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/app_params.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/app_provider.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/app_rand.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/app_x509.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/apps.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/apps_ui.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/columns.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/fmt.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/http_server.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/names.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/opt.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/s_cb.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/s_socket.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/vms_decc_argv.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c
Examining data/openssl-3.0.0~~alpha4/apps/lib/win32_init.c
Examining data/openssl-3.0.0~~alpha4/apps/list.c
Examining data/openssl-3.0.0~~alpha4/apps/mac.c
Examining data/openssl-3.0.0~~alpha4/apps/nseq.c
Examining data/openssl-3.0.0~~alpha4/apps/ocsp.c
Examining data/openssl-3.0.0~~alpha4/apps/openssl.c
Examining data/openssl-3.0.0~~alpha4/apps/passwd.c
Examining data/openssl-3.0.0~~alpha4/apps/pkcs12.c
Examining data/openssl-3.0.0~~alpha4/apps/pkcs7.c
Examining data/openssl-3.0.0~~alpha4/apps/pkcs8.c
Examining data/openssl-3.0.0~~alpha4/apps/pkey.c
Examining data/openssl-3.0.0~~alpha4/apps/pkeyparam.c
Examining data/openssl-3.0.0~~alpha4/apps/pkeyutl.c
Examining data/openssl-3.0.0~~alpha4/apps/prime.c
Examining data/openssl-3.0.0~~alpha4/apps/provider.c
Examining data/openssl-3.0.0~~alpha4/apps/rand.c
Examining data/openssl-3.0.0~~alpha4/apps/rehash.c
Examining data/openssl-3.0.0~~alpha4/apps/req.c
Examining data/openssl-3.0.0~~alpha4/apps/rsa.c
Examining data/openssl-3.0.0~~alpha4/apps/rsautl.c
Examining data/openssl-3.0.0~~alpha4/apps/s_client.c
Examining data/openssl-3.0.0~~alpha4/apps/s_server.c
Examining data/openssl-3.0.0~~alpha4/apps/s_time.c
Examining data/openssl-3.0.0~~alpha4/apps/sess_id.c
Examining data/openssl-3.0.0~~alpha4/apps/smime.c
Examining data/openssl-3.0.0~~alpha4/apps/speed.c
Examining data/openssl-3.0.0~~alpha4/apps/spkac.c
Examining data/openssl-3.0.0~~alpha4/apps/srp.c
Examining data/openssl-3.0.0~~alpha4/apps/storeutl.c
Examining data/openssl-3.0.0~~alpha4/apps/testdsa.h
Examining data/openssl-3.0.0~~alpha4/apps/testrsa.h
Examining data/openssl-3.0.0~~alpha4/apps/timeouts.h
Examining data/openssl-3.0.0~~alpha4/apps/ts.c
Examining data/openssl-3.0.0~~alpha4/apps/verify.c
Examining data/openssl-3.0.0~~alpha4/apps/version.c
Examining data/openssl-3.0.0~~alpha4/apps/vms_decc_init.c
Examining data/openssl-3.0.0~~alpha4/apps/x509.c
Examining data/openssl-3.0.0~~alpha4/crypto/LPdir_nyi.c
Examining data/openssl-3.0.0~~alpha4/crypto/LPdir_unix.c
Examining data/openssl-3.0.0~~alpha4/crypto/LPdir_vms.c
Examining data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c
Examining data/openssl-3.0.0~~alpha4/crypto/LPdir_win32.c
Examining data/openssl-3.0.0~~alpha4/crypto/LPdir_wince.c
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_cbc.c
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_cfb.c
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_core.c
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_ecb.c
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_misc.c
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_ofb.c
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_wrap.c
Examining data/openssl-3.0.0~~alpha4/crypto/aes/aes_x86core.c
Examining data/openssl-3.0.0~~alpha4/crypto/aria/aria.c
Examining data/openssl-3.0.0~~alpha4/crypto/arm_arch.h
Examining data/openssl-3.0.0~~alpha4/crypto/armcap.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_bitstr.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_d2i_fp.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_digest.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_dup.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_gentm.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_i2d_fp.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_int.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_mbstr.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_object.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_octet.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_print.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_sign.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_strex.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_strnid.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_time.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_type.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_utctm.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_utf8.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/a_verify.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/ameth_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_gen.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_item_list.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_item_list.h
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_par.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn_moid.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mstbl.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/asn_pack.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/bio_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/bio_ndef.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/charmap.h
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/d2i_param.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/d2i_pr.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/d2i_pu.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/evp_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/f_int.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/f_string.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/i2d_param.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/i2d_pr.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/i2d_pu.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/n_pkey.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/nsseq.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/p5_pbe.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/p5_pbev2.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/p5_scrypt.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/p8_pkey.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/standard_methods.h
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/t_bitst.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/t_pkey.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/t_spki.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_dec.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_fre.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_new.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_prn.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_scn.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_typ.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_utl.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/tbl_standard.h
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/x_algor.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/x_bignum.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/x_info.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/x_int64.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/x_long.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/x_pkey.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/x_sig.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/x_spki.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1/x_val.c
Examining data/openssl-3.0.0~~alpha4/crypto/asn1_dsa.c
Examining data/openssl-3.0.0~~alpha4/crypto/async/arch/async_null.c
Examining data/openssl-3.0.0~~alpha4/crypto/async/arch/async_null.h
Examining data/openssl-3.0.0~~alpha4/crypto/async/arch/async_posix.c
Examining data/openssl-3.0.0~~alpha4/crypto/async/arch/async_posix.h
Examining data/openssl-3.0.0~~alpha4/crypto/async/arch/async_win.c
Examining data/openssl-3.0.0~~alpha4/crypto/async/arch/async_win.h
Examining data/openssl-3.0.0~~alpha4/crypto/async/async.c
Examining data/openssl-3.0.0~~alpha4/crypto/async/async_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/async/async_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/async/async_wait.c
Examining data/openssl-3.0.0~~alpha4/crypto/bf/bf_cfb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/bf/bf_ecb.c
Examining data/openssl-3.0.0~~alpha4/crypto/bf/bf_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/bf/bf_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/bf/bf_ofb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/bf/bf_pi.h
Examining data/openssl-3.0.0~~alpha4/crypto/bf/bf_skey.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/b_dump.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/b_print.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/b_sock.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/b_sock2.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bf_buff.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bf_lbuf.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bf_nbio.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bf_null.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bf_prefix.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bio_cb.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bio_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bio_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bio_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bio_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_acpt.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_bio.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_conn.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_fd.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_file.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_log.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_mem.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_null.c
Examining data/openssl-3.0.0~~alpha4/crypto/bio/bss_sock.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/asm/x86_64-gcc.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_add.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_asm.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_blind.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_const.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_conv.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_ctx.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_depr.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_dh.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_div.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_exp.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_exp2.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_gcd.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_gf2m.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_intern.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_kron.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_mod.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_mont.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_mpi.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_mul.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_nist.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_prime.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_prime.h
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_print.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_rand.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_recp.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_rsa_fips186_4.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_shift.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_sqr.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_sqrt.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_srp.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_word.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/bn_x931p.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/rsaz_exp.c
Examining data/openssl-3.0.0~~alpha4/crypto/bn/rsaz_exp.h
Examining data/openssl-3.0.0~~alpha4/crypto/bsearch.c
Examining data/openssl-3.0.0~~alpha4/crypto/buffer/buf_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/buffer/buffer.c
Examining data/openssl-3.0.0~~alpha4/crypto/camellia/camellia.c
Examining data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_cbc.c
Examining data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_cfb.c
Examining data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_ctr.c
Examining data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_ecb.c
Examining data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_misc.c
Examining data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_ofb.c
Examining data/openssl-3.0.0~~alpha4/crypto/cast/c_cfb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/cast/c_ecb.c
Examining data/openssl-3.0.0~~alpha4/crypto/cast/c_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/cast/c_ofb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/cast/c_skey.c
Examining data/openssl-3.0.0~~alpha4/crypto/cast/cast_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/cast/cast_s.h
Examining data/openssl-3.0.0~~alpha4/crypto/chacha/chacha_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmac/cm_ameth.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_asn.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_client.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_ctx.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_hdr.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_http.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_msg.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_protect.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_server.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_status.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_util.c
Examining data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_vfy.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_att.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_cd.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_dd.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_env.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_ess.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_io.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_kari.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_pwri.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_sd.c
Examining data/openssl-3.0.0~~alpha4/crypto/cms/cms_smime.c
Examining data/openssl-3.0.0~~alpha4/crypto/comp/c_zlib.c
Examining data/openssl-3.0.0~~alpha4/crypto/comp/comp_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/comp/comp_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/comp/comp_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_api.c
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.c
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.h
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_mall.c
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_mod.c
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_sap.c
Examining data/openssl-3.0.0~~alpha4/crypto/conf/conf_ssl.c
Examining data/openssl-3.0.0~~alpha4/crypto/context.c
Examining data/openssl-3.0.0~~alpha4/crypto/core_algorithm.c
Examining data/openssl-3.0.0~~alpha4/crypto/core_fetch.c
Examining data/openssl-3.0.0~~alpha4/crypto/core_namemap.c
Examining data/openssl-3.0.0~~alpha4/crypto/cpt_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/crmf/crmf_asn.c
Examining data/openssl-3.0.0~~alpha4/crypto/crmf/crmf_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/crmf/crmf_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/crmf/crmf_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/crmf/crmf_pbm.c
Examining data/openssl-3.0.0~~alpha4/crypto/cryptlib.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_b64.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_log.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_oct.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_policy.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_prn.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_sct.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_sct_ctx.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_vfy.c
Examining data/openssl-3.0.0~~alpha4/crypto/ct/ct_x509v3.c
Examining data/openssl-3.0.0~~alpha4/crypto/ctype.c
Examining data/openssl-3.0.0~~alpha4/crypto/cversion.c
Examining data/openssl-3.0.0~~alpha4/crypto/der_writer.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/cbc_cksm.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/cbc_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/cfb64ede.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/cfb64enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/cfb_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/des_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/des_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/des/ecb3_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/ecb_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/fcrypt.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/fcrypt_b.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/ncbc_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/ofb64ede.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/ofb64enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/ofb_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/pcbc_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/qud_cksm.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/rand_key.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/set_key.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/spr.h
Examining data/openssl-3.0.0~~alpha4/crypto/des/str2key.c
Examining data/openssl-3.0.0~~alpha4/crypto/des/xcbc_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_ameth.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_backend.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_check.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_depr.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_gen.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_group_params.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_kdf.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_key.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_pmeth.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_prn.c
Examining data/openssl-3.0.0~~alpha4/crypto/dh/dh_rfc5114.c
Examining data/openssl-3.0.0~~alpha4/crypto/dllmain.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_ameth.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_backend.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_check.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_depr.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_gen.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_key.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_ossl.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_pmeth.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_prn.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_sign.c
Examining data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_vrf.c
Examining data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c
Examining data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c
Examining data/openssl-3.0.0~~alpha4/crypto/dso/dso_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/dso/dso_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/dso/dso_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/dso/dso_openssl.c
Examining data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c
Examining data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c
Examining data/openssl-3.0.0~~alpha4/crypto/ebcdic.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/arch_32/arch_intrinsics.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/arch_32/f_impl.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/arch_32/f_impl.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/curve448.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/curve448_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/curve448_tables.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/curve448utils.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/ed448.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/eddsa.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/f_generic.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/field.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/point_448.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/scalar.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/curve448/word.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec2_oct.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec2_smpl.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_ameth.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_backend.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_check.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_ctrl.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_cvt.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_key.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_kmeth.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_mult.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_oct.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_pmeth.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ec_print.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecdh_kdf.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecdh_ossl.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecdsa_ossl.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecdsa_sign.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecdsa_vrf.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/eck_prn.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_mont.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nist.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp224.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp521.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistputil.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256_table.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_oct.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_s390x_nistp.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecp_smpl.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecx_backend.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecx_backend.h
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecx_key.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_all.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_cnf.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_ctrl.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_dyn.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_fat.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_init.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_list.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_openssl.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_pkey.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_rdrand.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/eng_table.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/tb_asnmth.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/tb_cipher.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/tb_dh.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/tb_digest.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/tb_dsa.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/tb_eckey.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/tb_pkmeth.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/tb_rand.c
Examining data/openssl-3.0.0~~alpha4/crypto/engine/tb_rsa.c
Examining data/openssl-3.0.0~~alpha4/crypto/err/err.c
Examining data/openssl-3.0.0~~alpha4/crypto/err/err_all.c
Examining data/openssl-3.0.0~~alpha4/crypto/err/err_blocks.c
Examining data/openssl-3.0.0~~alpha4/crypto/err/err_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c
Examining data/openssl-3.0.0~~alpha4/crypto/err/openssl.ec
Examining data/openssl-3.0.0~~alpha4/crypto/ess/ess_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/ess/ess_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/ess/ess_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/bio_b64.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/bio_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/bio_md.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/c_allc.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/c_alld.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/cmeth_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/digest.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_bf.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_camellia.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_cast.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_des.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_idea.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_null.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_old.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_rc2.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_rc4.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_rc4_hmac_md5.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_rc5.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_seed.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_sm4.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/e_xcbc_d.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/encode.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_cnf.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_fetch.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_key.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_pbe.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_pkey.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_rand.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/evp_utils.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/exchange.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/kdf_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/kdf_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/keymgmt_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/keymgmt_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_blake2.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_md2.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_md4.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_md5.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_md5_sha1.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_mdc2.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_meth.h
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_ripemd.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_sha.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/legacy_wp.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/m_null.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/m_sigver.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/mac_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/mac_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/names.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/p5_crpt.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/p5_crpt2.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/p_dec.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/p_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/p_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/p_open.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/p_seal.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/p_sign.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/p_verify.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/pbe_scrypt.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/pkey_kdf.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/pkey_mac.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_check.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_fn.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_gn.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/evp/signature.c
Examining data/openssl-3.0.0~~alpha4/crypto/ex_data.c
Examining data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_backend.c
Examining data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_key_generate.c
Examining data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_key_validate.c
Examining data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params.c
Examining data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c
Examining data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_validate.c
Examining data/openssl-3.0.0~~alpha4/crypto/getenv.c
Examining data/openssl-3.0.0~~alpha4/crypto/hmac/hm_ameth.c
Examining data/openssl-3.0.0~~alpha4/crypto/hmac/hmac.c
Examining data/openssl-3.0.0~~alpha4/crypto/hmac/hmac_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/http/http_client.c
Examining data/openssl-3.0.0~~alpha4/crypto/http/http_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/http/http_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/idea/i_cbc.c
Examining data/openssl-3.0.0~~alpha4/crypto/idea/i_cfb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/idea/i_ecb.c
Examining data/openssl-3.0.0~~alpha4/crypto/idea/i_ofb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/idea/i_skey.c
Examining data/openssl-3.0.0~~alpha4/crypto/idea/idea_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/include/internal/pem_int.h
Examining data/openssl-3.0.0~~alpha4/crypto/info.c
Examining data/openssl-3.0.0~~alpha4/crypto/init.c
Examining data/openssl-3.0.0~~alpha4/crypto/initthread.c
Examining data/openssl-3.0.0~~alpha4/crypto/kdf/kdf_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/lhash/lh_stats.c
Examining data/openssl-3.0.0~~alpha4/crypto/lhash/lhash.c
Examining data/openssl-3.0.0~~alpha4/crypto/lhash/lhash_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/md2/md2_dgst.c
Examining data/openssl-3.0.0~~alpha4/crypto/md2/md2_one.c
Examining data/openssl-3.0.0~~alpha4/crypto/md4/md4_dgst.c
Examining data/openssl-3.0.0~~alpha4/crypto/md4/md4_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/md4/md4_one.c
Examining data/openssl-3.0.0~~alpha4/crypto/md5/md5_dgst.c
Examining data/openssl-3.0.0~~alpha4/crypto/md5/md5_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/md5/md5_one.c
Examining data/openssl-3.0.0~~alpha4/crypto/md5/md5_sha1.c
Examining data/openssl-3.0.0~~alpha4/crypto/mdc2/mdc2_one.c
Examining data/openssl-3.0.0~~alpha4/crypto/mdc2/mdc2dgst.c
Examining data/openssl-3.0.0~~alpha4/crypto/mem.c
Examining data/openssl-3.0.0~~alpha4/crypto/mem_clr.c
Examining data/openssl-3.0.0~~alpha4/crypto/mem_sec.c
Examining data/openssl-3.0.0~~alpha4/crypto/mips_arch.h
Examining data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/ccm128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/ctr128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/gcm128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/ofb128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/siv128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c
Examining data/openssl-3.0.0~~alpha4/crypto/modes/xts128.c
Examining data/openssl-3.0.0~~alpha4/crypto/o_dir.c
Examining data/openssl-3.0.0~~alpha4/crypto/o_fopen.c
Examining data/openssl-3.0.0~~alpha4/crypto/o_init.c
Examining data/openssl-3.0.0~~alpha4/crypto/o_str.c
Examining data/openssl-3.0.0~~alpha4/crypto/o_time.c
Examining data/openssl-3.0.0~~alpha4/crypto/objects/o_names.c
Examining data/openssl-3.0.0~~alpha4/crypto/objects/obj_compat.h
Examining data/openssl-3.0.0~~alpha4/crypto/objects/obj_dat.c
Examining data/openssl-3.0.0~~alpha4/crypto/objects/obj_dat.h
Examining data/openssl-3.0.0~~alpha4/crypto/objects/obj_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/objects/obj_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/objects/obj_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/objects/obj_xref.c
Examining data/openssl-3.0.0~~alpha4/crypto/objects/obj_xref.h
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_asn.c
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_cl.c
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_ext.c
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_http.c
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_prn.c
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_srv.c
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_vfy.c
Examining data/openssl-3.0.0~~alpha4/crypto/ocsp/v3_ocsp.c
Examining data/openssl-3.0.0~~alpha4/crypto/packet.c
Examining data/openssl-3.0.0~~alpha4/crypto/param_build.c
Examining data/openssl-3.0.0~~alpha4/crypto/param_build_set.c
Examining data/openssl-3.0.0~~alpha4/crypto/params.c
Examining data/openssl-3.0.0~~alpha4/crypto/params_from_text.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_all.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_info.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_oth.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_pk8.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_pkey.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_sign.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_x509.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pem_xaux.c
Examining data/openssl-3.0.0~~alpha4/crypto/pem/pvkfmt.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_add.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_asn.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_attr.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_crpt.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_crt.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_decr.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_init.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_key.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_kiss.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_mutl.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_npas.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_p8d.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_p8e.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_sbag.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_utl.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs12/pk12err.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs7/bio_pk7.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_attr.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_doit.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_mime.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_smime.c
Examining data/openssl-3.0.0~~alpha4/crypto/pkcs7/pkcs7err.c
Examining data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c
Examining data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305_ameth.c
Examining data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305_base2_44.c
Examining data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305_ieee754.c
Examining data/openssl-3.0.0~~alpha4/crypto/ppc_arch.h
Examining data/openssl-3.0.0~~alpha4/crypto/ppccap.c
Examining data/openssl-3.0.0~~alpha4/crypto/property/defn_cache.c
Examining data/openssl-3.0.0~~alpha4/crypto/property/property.c
Examining data/openssl-3.0.0~~alpha4/crypto/property/property_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/property/property_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/property/property_parse.c
Examining data/openssl-3.0.0~~alpha4/crypto/property/property_string.c
Examining data/openssl-3.0.0~~alpha4/crypto/provider.c
Examining data/openssl-3.0.0~~alpha4/crypto/provider_conf.c
Examining data/openssl-3.0.0~~alpha4/crypto/provider_core.c
Examining data/openssl-3.0.0~~alpha4/crypto/provider_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/provider_predefined.c
Examining data/openssl-3.0.0~~alpha4/crypto/rand/drbg_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/rand/rand_deprecated.c
Examining data/openssl-3.0.0~~alpha4/crypto/rand/rand_egd.c
Examining data/openssl-3.0.0~~alpha4/crypto/rand/rand_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/rand/rand_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/rand/rand_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc2/rc2_cbc.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc2/rc2_ecb.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc2/rc2_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/rc2/rc2_skey.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc2/rc2cfb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc2/rc2ofb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc4/rc4_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc4/rc4_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/rc4/rc4_skey.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc5/rc5_ecb.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc5/rc5_enc.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc5/rc5_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/rc5/rc5_skey.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc5/rc5cfb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/rc5/rc5ofb64.c
Examining data/openssl-3.0.0~~alpha4/crypto/ripemd/rmd_dgst.c
Examining data/openssl-3.0.0~~alpha4/crypto/ripemd/rmd_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/ripemd/rmd_one.c
Examining data/openssl-3.0.0~~alpha4/crypto/ripemd/rmdconst.h
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_acvp_test_params.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_ameth.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_backend.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_chk.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_crpt.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_depr.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_gen.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_mp.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_mp_names.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_none.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_oaep.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_ossl.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pk1.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pmeth.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_prn.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pss.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_saos.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_schemes.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_sign.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_sp800_56b_check.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_sp800_56b_gen.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_ssl.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_x931.c
Examining data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_x931g.c
Examining data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h
Examining data/openssl-3.0.0~~alpha4/crypto/s390xcap.c
Examining data/openssl-3.0.0~~alpha4/crypto/seed/seed.c
Examining data/openssl-3.0.0~~alpha4/crypto/seed/seed_cbc.c
Examining data/openssl-3.0.0~~alpha4/crypto/seed/seed_cfb.c
Examining data/openssl-3.0.0~~alpha4/crypto/seed/seed_ecb.c
Examining data/openssl-3.0.0~~alpha4/crypto/seed/seed_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/seed/seed_ofb.c
Examining data/openssl-3.0.0~~alpha4/crypto/self_test_core.c
Examining data/openssl-3.0.0~~alpha4/crypto/serializer/serializer_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/serializer/serializer_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/serializer/serializer_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/serializer/serializer_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/serializer/serializer_pkey.c
Examining data/openssl-3.0.0~~alpha4/crypto/sha/keccak1600.c
Examining data/openssl-3.0.0~~alpha4/crypto/sha/sha1_one.c
Examining data/openssl-3.0.0~~alpha4/crypto/sha/sha1dgst.c
Examining data/openssl-3.0.0~~alpha4/crypto/sha/sha256.c
Examining data/openssl-3.0.0~~alpha4/crypto/sha/sha3.c
Examining data/openssl-3.0.0~~alpha4/crypto/sha/sha512.c
Examining data/openssl-3.0.0~~alpha4/crypto/sha/sha_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/siphash/siphash.c
Examining data/openssl-3.0.0~~alpha4/crypto/siphash/siphash_ameth.c
Examining data/openssl-3.0.0~~alpha4/crypto/siphash/siphash_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/sm2/sm2_crypt.c
Examining data/openssl-3.0.0~~alpha4/crypto/sm2/sm2_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/sm2/sm2_pmeth.c
Examining data/openssl-3.0.0~~alpha4/crypto/sm2/sm2_sign.c
Examining data/openssl-3.0.0~~alpha4/crypto/sm3/legacy_sm3.c
Examining data/openssl-3.0.0~~alpha4/crypto/sm3/sm3.c
Examining data/openssl-3.0.0~~alpha4/crypto/sm3/sm3_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/sm4/sm4.c
Examining data/openssl-3.0.0~~alpha4/crypto/sparc_arch.h
Examining data/openssl-3.0.0~~alpha4/crypto/sparcv9cap.c
Examining data/openssl-3.0.0~~alpha4/crypto/sparse_array.c
Examining data/openssl-3.0.0~~alpha4/crypto/srp/srp_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c
Examining data/openssl-3.0.0~~alpha4/crypto/stack/stack.c
Examining data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c
Examining data/openssl-3.0.0~~alpha4/crypto/store/store_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/store/store_init.c
Examining data/openssl-3.0.0~~alpha4/crypto/store/store_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/store/store_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/store/store_register.c
Examining data/openssl-3.0.0~~alpha4/crypto/store/store_strings.c
Examining data/openssl-3.0.0~~alpha4/crypto/threads_none.c
Examining data/openssl-3.0.0~~alpha4/crypto/threads_pthread.c
Examining data/openssl-3.0.0~~alpha4/crypto/threads_win.c
Examining data/openssl-3.0.0~~alpha4/crypto/trace.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_asn1.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_conf.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_req_print.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_req_utils.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_print.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_sign.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_utils.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_verify.c
Examining data/openssl-3.0.0~~alpha4/crypto/ts/ts_verify_ctx.c
Examining data/openssl-3.0.0~~alpha4/crypto/txt_db/txt_db.c
Examining data/openssl-3.0.0~~alpha4/crypto/ui/ui_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/ui/ui_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/ui/ui_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/ui/ui_null.c
Examining data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c
Examining data/openssl-3.0.0~~alpha4/crypto/ui/ui_util.c
Examining data/openssl-3.0.0~~alpha4/crypto/uid.c
Examining data/openssl-3.0.0~~alpha4/crypto/vms_rms.h
Examining data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_block.c
Examining data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_dgst.c
Examining data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/x509/by_dir.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/by_file.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/by_store.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/ext_dat.h
Examining data/openssl-3.0.0~~alpha4/crypto/x509/pcy_cache.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/pcy_data.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/pcy_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/pcy_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/x509/pcy_map.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/pcy_node.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/pcy_tree.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/standard_exts.h
Examining data/openssl-3.0.0~~alpha4/crypto/x509/t_crl.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/t_req.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/t_x509.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_admis.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_admis.h
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_akey.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_akeya.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_alt.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_asid.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_bcons.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_bitst.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_conf.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_cpols.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_crld.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_enum.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_extku.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_genn.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_ia5.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_info.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_int.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_ist.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_lib.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_ncons.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_pci.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_pcia.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_pcons.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_pku.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_pmaps.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_prn.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_purp.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_skey.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_sxnet.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_tlsf.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_utf8.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/v3err.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_att.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_cmp.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_d2.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_def.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_err.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_ext.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_local.h
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_lu.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_meth.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_obj.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_r2x.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_req.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_set.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_trs.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_txt.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_v3.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_vfy.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509_vpm.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509cset.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509name.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509rset.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509spki.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x509type.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x_all.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x_attrib.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x_crl.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x_exten.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x_name.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x_pubkey.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x_req.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x_x509.c
Examining data/openssl-3.0.0~~alpha4/crypto/x509/x_x509a.c
Examining data/openssl-3.0.0~~alpha4/demos/bio/client-arg.c
Examining data/openssl-3.0.0~~alpha4/demos/bio/client-conf.c
Examining data/openssl-3.0.0~~alpha4/demos/bio/saccept.c
Examining data/openssl-3.0.0~~alpha4/demos/bio/sconnect.c
Examining data/openssl-3.0.0~~alpha4/demos/bio/server-arg.c
Examining data/openssl-3.0.0~~alpha4/demos/bio/server-cmod.c
Examining data/openssl-3.0.0~~alpha4/demos/bio/server-conf.c
Examining data/openssl-3.0.0~~alpha4/demos/cms/cms_comp.c
Examining data/openssl-3.0.0~~alpha4/demos/cms/cms_ddec.c
Examining data/openssl-3.0.0~~alpha4/demos/cms/cms_dec.c
Examining data/openssl-3.0.0~~alpha4/demos/cms/cms_denc.c
Examining data/openssl-3.0.0~~alpha4/demos/cms/cms_enc.c
Examining data/openssl-3.0.0~~alpha4/demos/cms/cms_sign.c
Examining data/openssl-3.0.0~~alpha4/demos/cms/cms_sign2.c
Examining data/openssl-3.0.0~~alpha4/demos/cms/cms_uncomp.c
Examining data/openssl-3.0.0~~alpha4/demos/cms/cms_ver.c
Examining data/openssl-3.0.0~~alpha4/demos/evp/aesccm.c
Examining data/openssl-3.0.0~~alpha4/demos/evp/aesgcm.c
Examining data/openssl-3.0.0~~alpha4/demos/pkcs12/pkread.c
Examining data/openssl-3.0.0~~alpha4/demos/pkcs12/pkwrite.c
Examining data/openssl-3.0.0~~alpha4/demos/smime/smdec.c
Examining data/openssl-3.0.0~~alpha4/demos/smime/smenc.c
Examining data/openssl-3.0.0~~alpha4/demos/smime/smsign.c
Examining data/openssl-3.0.0~~alpha4/demos/smime/smsign2.c
Examining data/openssl-3.0.0~~alpha4/demos/smime/smver.c
Examining data/openssl-3.0.0~~alpha4/e_os.h
Examining data/openssl-3.0.0~~alpha4/engines/e_afalg.c
Examining data/openssl-3.0.0~~alpha4/engines/e_afalg.ec
Examining data/openssl-3.0.0~~alpha4/engines/e_afalg.h
Examining data/openssl-3.0.0~~alpha4/engines/e_afalg_err.c
Examining data/openssl-3.0.0~~alpha4/engines/e_afalg_err.h
Examining data/openssl-3.0.0~~alpha4/engines/e_capi.c
Examining data/openssl-3.0.0~~alpha4/engines/e_capi.ec
Examining data/openssl-3.0.0~~alpha4/engines/e_capi_err.c
Examining data/openssl-3.0.0~~alpha4/engines/e_capi_err.h
Examining data/openssl-3.0.0~~alpha4/engines/e_dasync.c
Examining data/openssl-3.0.0~~alpha4/engines/e_dasync.ec
Examining data/openssl-3.0.0~~alpha4/engines/e_dasync_err.c
Examining data/openssl-3.0.0~~alpha4/engines/e_dasync_err.h
Examining data/openssl-3.0.0~~alpha4/engines/e_devcrypto.c
Examining data/openssl-3.0.0~~alpha4/engines/e_ossltest.c
Examining data/openssl-3.0.0~~alpha4/engines/e_ossltest.ec
Examining data/openssl-3.0.0~~alpha4/engines/e_ossltest_err.c
Examining data/openssl-3.0.0~~alpha4/engines/e_ossltest_err.h
Examining data/openssl-3.0.0~~alpha4/engines/e_padlock.c
Examining data/openssl-3.0.0~~alpha4/fuzz/asn1.c
Examining data/openssl-3.0.0~~alpha4/fuzz/asn1parse.c
Examining data/openssl-3.0.0~~alpha4/fuzz/bignum.c
Examining data/openssl-3.0.0~~alpha4/fuzz/bndiv.c
Examining data/openssl-3.0.0~~alpha4/fuzz/client.c
Examining data/openssl-3.0.0~~alpha4/fuzz/cmp.c
Examining data/openssl-3.0.0~~alpha4/fuzz/cms.c
Examining data/openssl-3.0.0~~alpha4/fuzz/conf.c
Examining data/openssl-3.0.0~~alpha4/fuzz/crl.c
Examining data/openssl-3.0.0~~alpha4/fuzz/ct.c
Examining data/openssl-3.0.0~~alpha4/fuzz/driver.c
Examining data/openssl-3.0.0~~alpha4/fuzz/fuzzer.h
Examining data/openssl-3.0.0~~alpha4/fuzz/server.c
Examining data/openssl-3.0.0~~alpha4/fuzz/test-corpus.c
Examining data/openssl-3.0.0~~alpha4/fuzz/x509.c
Examining data/openssl-3.0.0~~alpha4/include/crypto/__DECC_INCLUDE_EPILOGUE.H
Examining data/openssl-3.0.0~~alpha4/include/crypto/__DECC_INCLUDE_PROLOGUE.H
Examining data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/aria.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/asn1.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/asn1_dsa.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/async.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/bn.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/bn_dh.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/bn_srp.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/chacha.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/cmll_platform.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/cms.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/cryptlib.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/ctype.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/des_platform.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/dh.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/dsa.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/ec.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/ecx.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/engine.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/err.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/ess.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/evp.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/lhash.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/md32_common.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/modes.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/objects.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/poly1305.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/rand.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/rsa.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/security_bits.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/serializer.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/sha.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/siphash.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/siv.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/sm2.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/sm2err.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/sm4.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/sparse_array.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/store.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/x509.h
Examining data/openssl-3.0.0~~alpha4/include/crypto/x509v3.h
Examining data/openssl-3.0.0~~alpha4/include/internal/__DECC_INCLUDE_EPILOGUE.H
Examining data/openssl-3.0.0~~alpha4/include/internal/__DECC_INCLUDE_PROLOGUE.H
Examining data/openssl-3.0.0~~alpha4/include/internal/bio.h
Examining data/openssl-3.0.0~~alpha4/include/internal/comp.h
Examining data/openssl-3.0.0~~alpha4/include/internal/conf.h
Examining data/openssl-3.0.0~~alpha4/include/internal/constant_time.h
Examining data/openssl-3.0.0~~alpha4/include/internal/core.h
Examining data/openssl-3.0.0~~alpha4/include/internal/cryptlib.h
Examining data/openssl-3.0.0~~alpha4/include/internal/dane.h
Examining data/openssl-3.0.0~~alpha4/include/internal/deprecated.h
Examining data/openssl-3.0.0~~alpha4/include/internal/der.h
Examining data/openssl-3.0.0~~alpha4/include/internal/dso.h
Examining data/openssl-3.0.0~~alpha4/include/internal/dsoerr.h
Examining data/openssl-3.0.0~~alpha4/include/internal/err.h
Examining data/openssl-3.0.0~~alpha4/include/internal/evp.h
Examining data/openssl-3.0.0~~alpha4/include/internal/ffc.h
Examining data/openssl-3.0.0~~alpha4/include/internal/ktls.h
Examining data/openssl-3.0.0~~alpha4/include/internal/namemap.h
Examining data/openssl-3.0.0~~alpha4/include/internal/nelem.h
Examining data/openssl-3.0.0~~alpha4/include/internal/numbers.h
Examining data/openssl-3.0.0~~alpha4/include/internal/o_dir.h
Examining data/openssl-3.0.0~~alpha4/include/internal/packet.h
Examining data/openssl-3.0.0~~alpha4/include/internal/param_build_set.h
Examining data/openssl-3.0.0~~alpha4/include/internal/property.h
Examining data/openssl-3.0.0~~alpha4/include/internal/propertyerr.h
Examining data/openssl-3.0.0~~alpha4/include/internal/provider.h
Examining data/openssl-3.0.0~~alpha4/include/internal/refcount.h
Examining data/openssl-3.0.0~~alpha4/include/internal/sha3.h
Examining data/openssl-3.0.0~~alpha4/include/internal/sizes.h
Examining data/openssl-3.0.0~~alpha4/include/internal/sm3.h
Examining data/openssl-3.0.0~~alpha4/include/internal/sockets.h
Examining data/openssl-3.0.0~~alpha4/include/internal/sslconf.h
Examining data/openssl-3.0.0~~alpha4/include/internal/symhacks.h
Examining data/openssl-3.0.0~~alpha4/include/internal/thread_once.h
Examining data/openssl-3.0.0~~alpha4/include/internal/tlsgroups.h
Examining data/openssl-3.0.0~~alpha4/include/internal/tsan_assist.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/__DECC_INCLUDE_EPILOGUE.H
Examining data/openssl-3.0.0~~alpha4/include/openssl/__DECC_INCLUDE_PROLOGUE.H
Examining data/openssl-3.0.0~~alpha4/include/openssl/aes.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/asn1.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/asn1_mac.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/asn1err.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/asn1t.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/async.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/asyncerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/bio.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/bioerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/blowfish.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/bn.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/bnerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/buffer.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/buffererr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/camellia.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/cast.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/cmac.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/cmp.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/cmp_util.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/cmperr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/cms.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/cmserr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/comp.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/comperr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/conf.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/conf_api.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/conferr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/core.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/core_dispatch.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/core_names.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/crmf.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/crmferr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/crypto.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/cryptoerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ct.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/cterr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/des.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/dh.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/dherr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/dsa.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/dsaerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/dtls1.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/e_os2.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ebcdic.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ec.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ecdh.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ecdsa.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ecerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/engine.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/engineerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/err.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ess.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/esserr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/evp.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/evperr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/fips_names.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/hmac.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/http.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/httperr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/idea.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/kdf.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/kdferr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/lhash.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/mac.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/macros.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/md2.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/md4.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/md5.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/mdc2.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/modes.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/obj_mac.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/objects.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/objectserr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ocsp.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ocsperr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/opensslconf.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ossl_typ.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/param_build.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/params.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/pem.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/pem2.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/pemerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/pkcs12.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/pkcs12err.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/pkcs7.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/pkcs7err.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/provider.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/rand.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/rand_drbg.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/randerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/rc2.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/rc4.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/rc5.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ripemd.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/rsa.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/rsaerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/safestack.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/seed.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/self_test.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/serializer.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/serializererr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/sha.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/srp.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/srtp.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ssl.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ssl2.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ssl3.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/sslerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/stack.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/store.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/storeerr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/symhacks.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/tls1.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/trace.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ts.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/tserr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/txt_db.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/types.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/ui.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/uierr.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/whrlpool.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/x509.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/x509_vfy.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/x509err.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/x509v3.h
Examining data/openssl-3.0.0~~alpha4/include/openssl/x509v3err.h
Examining data/openssl-3.0.0~~alpha4/ms/applink.c
Examining data/openssl-3.0.0~~alpha4/ms/uplink.c
Examining data/openssl-3.0.0~~alpha4/ms/uplink.h
Examining data/openssl-3.0.0~~alpha4/os-dep/haiku.h
Examining data/openssl-3.0.0~~alpha4/providers/common/bio_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/common/capabilities.c
Examining data/openssl-3.0.0~~alpha4/providers/common/der/der_dsa_key.c
Examining data/openssl-3.0.0~~alpha4/providers/common/der/der_dsa_sig.c
Examining data/openssl-3.0.0~~alpha4/providers/common/der/der_ec_key.c
Examining data/openssl-3.0.0~~alpha4/providers/common/der/der_ec_sig.c
Examining data/openssl-3.0.0~~alpha4/providers/common/der/der_rsa_key.c
Examining data/openssl-3.0.0~~alpha4/providers/common/der/der_rsa_sig.c
Examining data/openssl-3.0.0~~alpha4/providers/common/include/prov/bio.h
Examining data/openssl-3.0.0~~alpha4/providers/common/include/prov/provider_ctx.h
Examining data/openssl-3.0.0~~alpha4/providers/common/include/prov/provider_util.h
Examining data/openssl-3.0.0~~alpha4/providers/common/include/prov/providercommon.h
Examining data/openssl-3.0.0~~alpha4/providers/common/include/prov/providercommonerr.h
Examining data/openssl-3.0.0~~alpha4/providers/common/nid_to_name.c
Examining data/openssl-3.0.0~~alpha4/providers/common/provider_ctx.c
Examining data/openssl-3.0.0~~alpha4/providers/common/provider_err.c
Examining data/openssl-3.0.0~~alpha4/providers/common/provider_util.c
Examining data/openssl-3.0.0~~alpha4/providers/defltprov.c
Examining data/openssl-3.0.0~~alpha4/providers/fips/fipsprov.c
Examining data/openssl-3.0.0~~alpha4/providers/fips/self_test.c
Examining data/openssl-3.0.0~~alpha4/providers/fips/self_test.h
Examining data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/asymciphers/rsa_enc.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ccm.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ccm.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ccm_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_gcm.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_gcm.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_gcm_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ocb.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ocb.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ocb_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_siv.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_siv.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_siv_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_wrp.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_xts.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_xts.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_xts_fips.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_xts_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aria.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aria.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aria_ccm.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aria_ccm.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aria_ccm_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aria_gcm.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aria_gcm.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aria_gcm_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aria_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_blowfish.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_blowfish.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_blowfish_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_camellia.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_camellia.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_camellia_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_cast.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_cast5.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_cast5_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_des.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_des.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_des_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_desx.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_desx_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_idea.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_idea.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_idea_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_null.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc2.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc2.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc2_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4_hmac_md5.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc5.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc5.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc5_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_seed.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_seed.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_seed_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_sm4.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_sm4.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_sm4_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_common.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_default.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_default.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_default_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_wrap.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_wrap_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_block.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_ccm.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_ccm_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_gcm.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_gcm_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_hw.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_local.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2_impl.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2b_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2s_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/digestcommon.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/md2_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/md4_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/md5_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/md5_sha1_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/mdc2_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/ripemd_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/sha2_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/sha3_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/sm3_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/digests/wp_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/exchange/dh_exch.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/exchange/ecdh_exch.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/exchange/ecx_exch.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/blake2.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_aead.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_ccm.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_gcm.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/digestcommon.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/implementations.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/md5_sha1.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/rand_pool.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/seeding.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/hkdf.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/kbkdf.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/krb5kdf.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/pbkdf2.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/pbkdf2.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/pbkdf2_fips.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/scrypt.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sshkdf.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sskdf.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/tls1_prf.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/x942kdf.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/keymgmt/dh_kmgmt.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/keymgmt/dsa_kmgmt.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/keymgmt/ec_kmgmt.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/keymgmt/ecx_kmgmt.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/keymgmt/rsa_kmgmt.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/macs/blake2_mac_impl.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/macs/blake2b_mac.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/macs/blake2s_mac.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/macs/cmac_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/macs/gmac_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/macs/hmac_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/macs/poly1305_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/macs/siphash_prov.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/crngt.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hmac.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_local.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/rand_pool.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_cpu_x86.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_tsc.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_unix.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_vms.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_vxworks.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_win.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/rands/test_rng.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_common.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_dh.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_dh_param.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_dh_priv.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_dh_pub.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_dsa.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_dsa_param.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_dsa_priv.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_dsa_pub.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_ec.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_ec_param.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_ec_priv.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_ec_pub.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_ecx.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_ecx_priv.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_ecx_pub.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_ffc_params.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_local.h
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_rsa.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_rsa_priv.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_rsa_pub.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/signature/dsa.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/signature/ecdsa.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/signature/eddsa.c
Examining data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c
Examining data/openssl-3.0.0~~alpha4/providers/legacyprov.c
Examining data/openssl-3.0.0~~alpha4/providers/nullprov.c
Examining data/openssl-3.0.0~~alpha4/ssl/bio_ssl.c
Examining data/openssl-3.0.0~~alpha4/ssl/d1_lib.c
Examining data/openssl-3.0.0~~alpha4/ssl/d1_msg.c
Examining data/openssl-3.0.0~~alpha4/ssl/d1_srtp.c
Examining data/openssl-3.0.0~~alpha4/ssl/methods.c
Examining data/openssl-3.0.0~~alpha4/ssl/pqueue.c
Examining data/openssl-3.0.0~~alpha4/ssl/record/dtls1_bitmap.c
Examining data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c
Examining data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_s3.c
Examining data/openssl-3.0.0~~alpha4/ssl/record/record.h
Examining data/openssl-3.0.0~~alpha4/ssl/record/record_local.h
Examining data/openssl-3.0.0~~alpha4/ssl/record/ssl3_buffer.c
Examining data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c
Examining data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record_tls13.c
Examining data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c
Examining data/openssl-3.0.0~~alpha4/ssl/s3_enc.c
Examining data/openssl-3.0.0~~alpha4/ssl/s3_lib.c
Examining data/openssl-3.0.0~~alpha4/ssl/s3_msg.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_asn1.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_cert.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_cert_table.h
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_ciph.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_conf.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_err.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_init.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_local.h
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_mcnf.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_rsa.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_sess.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_stat.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_txt.c
Examining data/openssl-3.0.0~~alpha4/ssl/ssl_utst.c
Examining data/openssl-3.0.0~~alpha4/ssl/statem/extensions.c
Examining data/openssl-3.0.0~~alpha4/ssl/statem/extensions_clnt.c
Examining data/openssl-3.0.0~~alpha4/ssl/statem/extensions_cust.c
Examining data/openssl-3.0.0~~alpha4/ssl/statem/extensions_srvr.c
Examining data/openssl-3.0.0~~alpha4/ssl/statem/statem.c
Examining data/openssl-3.0.0~~alpha4/ssl/statem/statem.h
Examining data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c
Examining data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c
Examining data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c
Examining data/openssl-3.0.0~~alpha4/ssl/statem/statem_local.h
Examining data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c
Examining data/openssl-3.0.0~~alpha4/ssl/t1_enc.c
Examining data/openssl-3.0.0~~alpha4/ssl/t1_lib.c
Examining data/openssl-3.0.0~~alpha4/ssl/t1_trce.c
Examining data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c
Examining data/openssl-3.0.0~~alpha4/ssl/tls_srp.c
Examining data/openssl-3.0.0~~alpha4/test/aborttest.c
Examining data/openssl-3.0.0~~alpha4/test/acvp_test.c
Examining data/openssl-3.0.0~~alpha4/test/aesgcmtest.c
Examining data/openssl-3.0.0~~alpha4/test/afalgtest.c
Examining data/openssl-3.0.0~~alpha4/test/asn1_decode_test.c
Examining data/openssl-3.0.0~~alpha4/test/asn1_dsa_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/asn1_encode_test.c
Examining data/openssl-3.0.0~~alpha4/test/asn1_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/asn1_string_table_test.c
Examining data/openssl-3.0.0~~alpha4/test/asn1_time_test.c
Examining data/openssl-3.0.0~~alpha4/test/asynciotest.c
Examining data/openssl-3.0.0~~alpha4/test/asynctest.c
Examining data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c
Examining data/openssl-3.0.0~~alpha4/test/bftest.c
Examining data/openssl-3.0.0~~alpha4/test/bio_callback_test.c
Examining data/openssl-3.0.0~~alpha4/test/bio_enc_test.c
Examining data/openssl-3.0.0~~alpha4/test/bio_memleak_test.c
Examining data/openssl-3.0.0~~alpha4/test/bio_prefix_text.c
Examining data/openssl-3.0.0~~alpha4/test/bioprinttest.c
Examining data/openssl-3.0.0~~alpha4/test/bn_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/bn_rand_range.h
Examining data/openssl-3.0.0~~alpha4/test/bntest.c
Examining data/openssl-3.0.0~~alpha4/test/casttest.c
Examining data/openssl-3.0.0~~alpha4/test/chacha_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/cipher_overhead_test.c
Examining data/openssl-3.0.0~~alpha4/test/cipherbytes_test.c
Examining data/openssl-3.0.0~~alpha4/test/cipherlist_test.c
Examining data/openssl-3.0.0~~alpha4/test/ciphername_test.c
Examining data/openssl-3.0.0~~alpha4/test/clienthellotest.c
Examining data/openssl-3.0.0~~alpha4/test/cmactest.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_asn_test.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_client_test.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_hdr_test.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_msg_test.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_protect_test.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_server_test.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_status_test.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_testlib.c
Examining data/openssl-3.0.0~~alpha4/test/cmp_testlib.h
Examining data/openssl-3.0.0~~alpha4/test/cmp_vfy_test.c
Examining data/openssl-3.0.0~~alpha4/test/cmsapitest.c
Examining data/openssl-3.0.0~~alpha4/test/conf_include_test.c
Examining data/openssl-3.0.0~~alpha4/test/confdump.c
Examining data/openssl-3.0.0~~alpha4/test/constant_time_test.c
Examining data/openssl-3.0.0~~alpha4/test/context_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/crltest.c
Examining data/openssl-3.0.0~~alpha4/test/ct_test.c
Examining data/openssl-3.0.0~~alpha4/test/ctype_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/curve448_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/d2i_test.c
Examining data/openssl-3.0.0~~alpha4/test/danetest.c
Examining data/openssl-3.0.0~~alpha4/test/destest.c
Examining data/openssl-3.0.0~~alpha4/test/dhtest.c
Examining data/openssl-3.0.0~~alpha4/test/drbg_cavs_data.h
Examining data/openssl-3.0.0~~alpha4/test/drbg_cavs_data_ctr.c
Examining data/openssl-3.0.0~~alpha4/test/drbg_cavs_data_hash.c
Examining data/openssl-3.0.0~~alpha4/test/drbg_cavs_data_hmac.c
Examining data/openssl-3.0.0~~alpha4/test/drbg_cavs_test.c
Examining data/openssl-3.0.0~~alpha4/test/drbg_extra_test.c
Examining data/openssl-3.0.0~~alpha4/test/drbg_extra_test.h
Examining data/openssl-3.0.0~~alpha4/test/drbgtest.c
Examining data/openssl-3.0.0~~alpha4/test/drbgtest.h
Examining data/openssl-3.0.0~~alpha4/test/dsa_no_digest_size_test.c
Examining data/openssl-3.0.0~~alpha4/test/dsatest.c
Examining data/openssl-3.0.0~~alpha4/test/dtls_mtu_test.c
Examining data/openssl-3.0.0~~alpha4/test/dtlstest.c
Examining data/openssl-3.0.0~~alpha4/test/dtlsv1listentest.c
Examining data/openssl-3.0.0~~alpha4/test/ec_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/ecdsatest.c
Examining data/openssl-3.0.0~~alpha4/test/ecdsatest.h
Examining data/openssl-3.0.0~~alpha4/test/ecstresstest.c
Examining data/openssl-3.0.0~~alpha4/test/ectest.c
Examining data/openssl-3.0.0~~alpha4/test/enginetest.c
Examining data/openssl-3.0.0~~alpha4/test/errtest.c
Examining data/openssl-3.0.0~~alpha4/test/evp_extra_test.c
Examining data/openssl-3.0.0~~alpha4/test/evp_extra_test2.c
Examining data/openssl-3.0.0~~alpha4/test/evp_fetch_prov_test.c
Examining data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c
Examining data/openssl-3.0.0~~alpha4/test/evp_pkey_dparams_test.c
Examining data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c
Examining data/openssl-3.0.0~~alpha4/test/evp_test.c
Examining data/openssl-3.0.0~~alpha4/test/evp_test.h
Examining data/openssl-3.0.0~~alpha4/test/exdatatest.c
Examining data/openssl-3.0.0~~alpha4/test/exptest.c
Examining data/openssl-3.0.0~~alpha4/test/fatalerrtest.c
Examining data/openssl-3.0.0~~alpha4/test/ffc_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/filterprov.c
Examining data/openssl-3.0.0~~alpha4/test/gmdifftest.c
Examining data/openssl-3.0.0~~alpha4/test/gosttest.c
Examining data/openssl-3.0.0~~alpha4/test/handshake_helper.c
Examining data/openssl-3.0.0~~alpha4/test/handshake_helper.h
Examining data/openssl-3.0.0~~alpha4/test/hexstr_test.c
Examining data/openssl-3.0.0~~alpha4/test/hmactest.c
Examining data/openssl-3.0.0~~alpha4/test/http_test.c
Examining data/openssl-3.0.0~~alpha4/test/ideatest.c
Examining data/openssl-3.0.0~~alpha4/test/igetest.c
Examining data/openssl-3.0.0~~alpha4/test/keymgmt_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/lhash_test.c
Examining data/openssl-3.0.0~~alpha4/test/mdc2_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/mdc2test.c
Examining data/openssl-3.0.0~~alpha4/test/memleaktest.c
Examining data/openssl-3.0.0~~alpha4/test/modes_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/namemap_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/ocspapitest.c
Examining data/openssl-3.0.0~~alpha4/test/ossl_shim/async_bio.cc
Examining data/openssl-3.0.0~~alpha4/test/ossl_shim/async_bio.h
Examining data/openssl-3.0.0~~alpha4/test/ossl_shim/include/openssl/base.h
Examining data/openssl-3.0.0~~alpha4/test/ossl_shim/ossl_shim.cc
Examining data/openssl-3.0.0~~alpha4/test/ossl_shim/packeted_bio.cc
Examining data/openssl-3.0.0~~alpha4/test/ossl_shim/packeted_bio.h
Examining data/openssl-3.0.0~~alpha4/test/ossl_shim/test_config.cc
Examining data/openssl-3.0.0~~alpha4/test/ossl_shim/test_config.h
Examining data/openssl-3.0.0~~alpha4/test/ossl_test_endian.h
Examining data/openssl-3.0.0~~alpha4/test/p_test.c
Examining data/openssl-3.0.0~~alpha4/test/packettest.c
Examining data/openssl-3.0.0~~alpha4/test/param_build_test.c
Examining data/openssl-3.0.0~~alpha4/test/params_api_test.c
Examining data/openssl-3.0.0~~alpha4/test/params_conversion_test.c
Examining data/openssl-3.0.0~~alpha4/test/params_test.c
Examining data/openssl-3.0.0~~alpha4/test/pbelutest.c
Examining data/openssl-3.0.0~~alpha4/test/pemtest.c
Examining data/openssl-3.0.0~~alpha4/test/pkey_meth_kdf_test.c
Examining data/openssl-3.0.0~~alpha4/test/pkey_meth_test.c
Examining data/openssl-3.0.0~~alpha4/test/poly1305_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/property_test.c
Examining data/openssl-3.0.0~~alpha4/test/provider_fallback_test.c
Examining data/openssl-3.0.0~~alpha4/test/provider_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/provider_test.c
Examining data/openssl-3.0.0~~alpha4/test/rc2test.c
Examining data/openssl-3.0.0~~alpha4/test/rc4test.c
Examining data/openssl-3.0.0~~alpha4/test/rc5test.c
Examining data/openssl-3.0.0~~alpha4/test/rdrand_sanitytest.c
Examining data/openssl-3.0.0~~alpha4/test/recordlentest.c
Examining data/openssl-3.0.0~~alpha4/test/rsa_complex.c
Examining data/openssl-3.0.0~~alpha4/test/rsa_mp_test.c
Examining data/openssl-3.0.0~~alpha4/test/rsa_sp800_56b_test.c
Examining data/openssl-3.0.0~~alpha4/test/rsa_test.c
Examining data/openssl-3.0.0~~alpha4/test/sanitytest.c
Examining data/openssl-3.0.0~~alpha4/test/secmemtest.c
Examining data/openssl-3.0.0~~alpha4/test/servername_test.c
Examining data/openssl-3.0.0~~alpha4/test/shlibloadtest.c
Examining data/openssl-3.0.0~~alpha4/test/siphash_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/sm2_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/sm4_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/sparse_array_test.c
Examining data/openssl-3.0.0~~alpha4/test/srptest.c
Examining data/openssl-3.0.0~~alpha4/test/ssl_cert_table_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/ssl_ctx_test.c
Examining data/openssl-3.0.0~~alpha4/test/ssl_test.c
Examining data/openssl-3.0.0~~alpha4/test/ssl_test_ctx.c
Examining data/openssl-3.0.0~~alpha4/test/ssl_test_ctx.h
Examining data/openssl-3.0.0~~alpha4/test/ssl_test_ctx_test.c
Examining data/openssl-3.0.0~~alpha4/test/sslapitest.c
Examining data/openssl-3.0.0~~alpha4/test/sslbuffertest.c
Examining data/openssl-3.0.0~~alpha4/test/sslcorrupttest.c
Examining data/openssl-3.0.0~~alpha4/test/ssltest_old.c
Examining data/openssl-3.0.0~~alpha4/test/ssltestlib.c
Examining data/openssl-3.0.0~~alpha4/test/ssltestlib.h
Examining data/openssl-3.0.0~~alpha4/test/stack_test.c
Examining data/openssl-3.0.0~~alpha4/test/sysdefaulttest.c
Examining data/openssl-3.0.0~~alpha4/test/test_test.c
Examining data/openssl-3.0.0~~alpha4/test/testutil.h
Examining data/openssl-3.0.0~~alpha4/test/testutil/apps_mem.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/basic_output.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/cb.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/driver.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/format_output.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/main.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/options.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/output.h
Examining data/openssl-3.0.0~~alpha4/test/testutil/output_helpers.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/random.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/stanza.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/test_cleanup.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/test_options.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/tests.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/testutil_init.c
Examining data/openssl-3.0.0~~alpha4/test/testutil/tu_local.h
Examining data/openssl-3.0.0~~alpha4/test/threadstest.c
Examining data/openssl-3.0.0~~alpha4/test/time_offset_test.c
Examining data/openssl-3.0.0~~alpha4/test/tls-provider.c
Examining data/openssl-3.0.0~~alpha4/test/tls13ccstest.c
Examining data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c
Examining data/openssl-3.0.0~~alpha4/test/tls13secretstest.c
Examining data/openssl-3.0.0~~alpha4/test/uitest.c
Examining data/openssl-3.0.0~~alpha4/test/v3ext.c
Examining data/openssl-3.0.0~~alpha4/test/v3nametest.c
Examining data/openssl-3.0.0~~alpha4/test/verify_extra_test.c
Examining data/openssl-3.0.0~~alpha4/test/versions.c
Examining data/openssl-3.0.0~~alpha4/test/wpackettest.c
Examining data/openssl-3.0.0~~alpha4/test/x509_check_cert_pkey_test.c
Examining data/openssl-3.0.0~~alpha4/test/x509_dup_cert_test.c
Examining data/openssl-3.0.0~~alpha4/test/x509_internal_test.c
Examining data/openssl-3.0.0~~alpha4/test/x509_time_test.c
Examining data/openssl-3.0.0~~alpha4/test/x509aux.c
Examining data/openssl-3.0.0~~alpha4/util/check-format-test-negatives.c
Examining data/openssl-3.0.0~~alpha4/util/check-format-test-positives.c

FINAL RESULTS:

data/openssl-3.0.0~~alpha4/apps/rehash.c:69:9:  [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or
  change the link content, a race condition results. Also, it does not
  terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
ssize_t readlink(const char *pathname, char *buf, size_t bufsiz)
data/openssl-3.0.0~~alpha4/apps/rehash.c:223:9:  [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or
  change the link content, a race condition results. Also, it does not
  terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
    n = readlink(fullpath, linktarget, sizeof(linktarget));
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:33:11:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
#  define chmod   _chmod
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:242:5:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
    chmod(file, 0600);
data/openssl-3.0.0~~alpha4/include/openssl/bio.h:826:29:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
                      int (*gets) (BIO *, char *, int));
data/openssl-3.0.0~~alpha4/apps/cmp.c:24:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
# define access _access
data/openssl-3.0.0~~alpha4/apps/cmp.c:2894:24:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
                    || access(configfile, F_OK) != -1)) {
data/openssl-3.0.0~~alpha4/apps/engine.c:88:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(p, s);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2292:12:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    return access(name, flag);
data/openssl-3.0.0~~alpha4/apps/lib/http_server.c:54:13:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
        if (vsnprintf(buf, sizeof(buf), fmt, ap) > 0)
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:907:25:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            p += strlen(strcpy(p, o->name));
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:912:25:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            p += strlen(strcpy(p, valtype2param(o)));
data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c:570:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (MsgBuff, "%02d-%s-%04d %02d:%02d:%02d [%08X] %s\n",
data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c:580:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf (stderr, MsgBuff, args);
data/openssl-3.0.0~~alpha4/apps/lib/win32_init.c:164:5:  [4] (buffer) wcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer.
    wcscpy(p, wcmdline);
data/openssl-3.0.0~~alpha4/apps/speed.c:2927:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(evp_hmac_name, "HMAC(%s)", md_name);
data/openssl-3.0.0~~alpha4/apps/speed.c:2947:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
data/openssl-3.0.0~~alpha4/apps/speed.c:3850:13:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
            printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
data/openssl-3.0.0~~alpha4/apps/speed.c:3865:17:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
data/openssl-3.0.0~~alpha4/crypto/LPdir_vms.c:126:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy((*ctx)->filespec, directory);
data/openssl-3.0.0~~alpha4/crypto/LPdir_vms.c:134:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(ctx_filespec_32p, (*ctx)->filespec);
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:147:21:  [4] (buffer) _tcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer.
                    _tcscpy(wdir + sz, TEXT("/*"));
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:149:21:  [4] (buffer) _tcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer.
                    _tcscpy(wdir + sz, TEXT("*"));
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:157:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(buf, directory);
data/openssl-3.0.0~~alpha4/crypto/bio/b_sock.c:270:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(*ip_port, host);
data/openssl-3.0.0~~alpha4/crypto/bio/b_sock.c:272:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(*ip_port, port);
data/openssl-3.0.0~~alpha4/crypto/bio/bio_local.h:160:26:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define UP_fprintf      fprintf
data/openssl-3.0.0~~alpha4/crypto/cryptlib.c:175:12:  [4] (format) _vsntprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#   define _vsntprintf _vsnwprintf
data/openssl-3.0.0~~alpha4/crypto/cryptlib.c:177:12:  [4] (format) _vsntprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#   define _vsntprintf _vsnprintf
data/openssl-3.0.0~~alpha4/crypto/cryptlib.c:345:5:  [4] (format) _vsntprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    _vsntprintf(buf, OSSL_NELEM(buf) - 1, fmt, ap);
data/openssl-3.0.0~~alpha4/crypto/cryptlib.c:405:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(stderr, fmta, ap);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:197:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(merged, filespec2);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:199:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(&merged[spec2len + 1], filespec1);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:232:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(translated, "lib%s%s", filename, DSO_EXTENSION);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:234:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(translated, "%s%s", filename, DSO_EXTENSION);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:236:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(translated, "%s", filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:248:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(merged, filespec2);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:250:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(&merged[spec2len + 1], filespec1);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:276:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
            sprintf(translated, "lib%s" DSO_EXTENSION, filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:278:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
            sprintf(translated, "%s" DSO_EXTENSION, filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:280:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(translated, "%s", filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:188:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(p->imagename, ext);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:192:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(p->imagename, sp2);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:296:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(symname_32p, symname);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:400:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(filespec1_32p, filespec1);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:401:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(filespec2_32p, filespec2);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:462:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(not_translated, filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:475:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(translated, "%s.dll", filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:477:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(translated, "%s", filename);
data/openssl-3.0.0~~alpha4/crypto/engine/eng_ctrl.c:110:23:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        return strlen(strcpy(s, cdp->cmd_name));
data/openssl-3.0.0~~alpha4/crypto/engine/eng_ctrl.c:115:23:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        return strlen(strcpy(s, cdp->cmd_desc == NULL ? int_no_description
data/openssl-3.0.0~~alpha4/crypto/evp/c_allc.c:21:20:  [4] (crypto) EVP_des_cfb:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
    EVP_add_cipher(EVP_des_cfb());
data/openssl-3.0.0~~alpha4/crypto/evp/c_allc.c:29:20:  [4] (crypto) EVP_des_ofb:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
    EVP_add_cipher(EVP_des_ofb());
data/openssl-3.0.0~~alpha4/crypto/evp/c_allc.c:33:20:  [4] (crypto) EVP_desx_cbc:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
    EVP_add_cipher(EVP_desx_cbc());
data/openssl-3.0.0~~alpha4/crypto/evp/c_allc.c:37:20:  [4] (crypto) EVP_des_cbc:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
    EVP_add_cipher(EVP_des_cbc());
data/openssl-3.0.0~~alpha4/crypto/evp/c_allc.c:45:20:  [4] (crypto) EVP_des_ecb:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
    EVP_add_cipher(EVP_des_ecb());
data/openssl-3.0.0~~alpha4/crypto/evp/c_allc.c:58:20:  [4] (crypto) EVP_rc4_40:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
    EVP_add_cipher(EVP_rc4_40());
data/openssl-3.0.0~~alpha4/crypto/evp/c_allc.c:97:20:  [4] (crypto) EVP_rc2_40_cbc:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
    EVP_add_cipher(EVP_rc2_40_cbc());
data/openssl-3.0.0~~alpha4/crypto/evp/c_allc.c:98:20:  [4] (crypto) EVP_rc2_64_cbc:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
    EVP_add_cipher(EVP_rc2_64_cbc());
data/openssl-3.0.0~~alpha4/crypto/evp/e_old.c:31:9:  [4] (crypto) EVP_des_cfb:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
# undef EVP_des_cfb
data/openssl-3.0.0~~alpha4/crypto/evp/e_old.c:32:19:  [4] (crypto) EVP_des_cfb:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
const EVP_CIPHER *EVP_des_cfb(void);
data/openssl-3.0.0~~alpha4/crypto/evp/e_old.c:33:19:  [4] (crypto) EVP_des_cfb:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
const EVP_CIPHER *EVP_des_cfb(void)
data/openssl-3.0.0~~alpha4/crypto/evp/e_rc2.c:79:19:  [4] (crypto) EVP_rc2_64_cbc:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
const EVP_CIPHER *EVP_rc2_64_cbc(void)
data/openssl-3.0.0~~alpha4/crypto/evp/e_rc2.c:84:19:  [4] (crypto) EVP_rc2_40_cbc:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
const EVP_CIPHER *EVP_rc2_40_cbc(void)
data/openssl-3.0.0~~alpha4/crypto/evp/e_rc4.c:70:19:  [4] (crypto) EVP_rc4_40:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
const EVP_CIPHER *EVP_rc4_40(void)
data/openssl-3.0.0~~alpha4/crypto/evp/e_xcbc_d.c:53:19:  [4] (crypto) EVP_desx_cbc:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
const EVP_CIPHER *EVP_desx_cbc(void)
data/openssl-3.0.0~~alpha4/crypto/o_str.c:26:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(ret, str);
data/openssl-3.0.0~~alpha4/crypto/rand/rand_egd.c:72:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(addr.sun_path, path);
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:302:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(buf, s);
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:306:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(buf, s);
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:310:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(buf, RFILE);
data/openssl-3.0.0~~alpha4/crypto/s390xcap.c:33:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    (sscanf(tok_begin,                                                  \
data/openssl-3.0.0~~alpha4/crypto/s390xcap.c:52:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    (sscanf(tok_begin,                                                  \
data/openssl-3.0.0~~alpha4/crypto/s390xcap.c:679:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(buff, env);
data/openssl-3.0.0~~alpha4/crypto/sha/keccak1600.c:1242:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        printf(++i % 16 && i != sizeof(out) ? " " : "\n");
data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_verify.c:404:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(failure_text, ts_failure_info[i].text);
data/openssl-3.0.0~~alpha4/engines/e_afalg.h:19:27:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define ALG_DGB(x, ...) fprintf(stderr, "ALG_DBG: " x, __VA_ARGS__)
data/openssl-3.0.0~~alpha4/engines/e_afalg.h:20:28:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define ALG_INFO(x, ...) fprintf(stderr, "ALG_INFO: " x, __VA_ARGS__)
data/openssl-3.0.0~~alpha4/engines/e_afalg.h:21:28:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define ALG_WARN(x, ...) fprintf(stderr, "ALG_WARN: " x, __VA_ARGS__)
data/openssl-3.0.0~~alpha4/engines/e_afalg.h:28:26:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define ALG_ERR(x, ...) fprintf(stderr, "ALG_ERR: " x, __VA_ARGS__)
data/openssl-3.0.0~~alpha4/engines/e_afalg.h:31:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                    fprintf(stderr, "ALG_PERR: " x, __VA_ARGS__); \
data/openssl-3.0.0~~alpha4/engines/e_afalg.h:36:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                    fprintf(stderr, "ALG_PERR: " x, __VA_ARGS__); \
data/openssl-3.0.0~~alpha4/fuzz/test-corpus.c:82:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(pathname, argv[n]);
data/openssl-3.0.0~~alpha4/fuzz/test-corpus.c:89:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(pathname + dirname_len, filename);
data/openssl-3.0.0~~alpha4/include/openssl/evp.h:814:19:  [4] (crypto) EVP_des_ecb:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
const EVP_CIPHER *EVP_des_ecb(void);
data/openssl-3.0.0~~alpha4/include/openssl/evp.h:820:11:  [4] (crypto) EVP_des_cfb:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
#  define EVP_des_cfb EVP_des_cfb64
data/openssl-3.0.0~~alpha4/include/openssl/evp.h:829:19:  [4] (crypto) EVP_des_ofb:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
const EVP_CIPHER *EVP_des_ofb(void);
data/openssl-3.0.0~~alpha4/include/openssl/evp.h:832:19:  [4] (crypto) EVP_des_cbc:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
const EVP_CIPHER *EVP_des_cbc(void);
data/openssl-3.0.0~~alpha4/include/openssl/evp.h:835:19:  [4] (crypto) EVP_desx_cbc:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
const EVP_CIPHER *EVP_desx_cbc(void);
data/openssl-3.0.0~~alpha4/include/openssl/evp.h:845:19:  [4] (crypto) EVP_rc4_40:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
const EVP_CIPHER *EVP_rc4_40(void);
data/openssl-3.0.0~~alpha4/include/openssl/evp.h:860:19:  [4] (crypto) EVP_rc2_40_cbc:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
const EVP_CIPHER *EVP_rc2_40_cbc(void);
data/openssl-3.0.0~~alpha4/include/openssl/evp.h:861:19:  [4] (crypto) EVP_rc2_64_cbc:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
const EVP_CIPHER *EVP_rc2_64_cbc(void);
data/openssl-3.0.0~~alpha4/ms/applink.c:107:49:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        OPENSSL_ApplinkTable[APPLINK_FPRINTF] = fprintf;
data/openssl-3.0.0~~alpha4/ssl/ssl_init.c:29:20:  [4] (crypto) EVP_des_cbc:
  DES only supports a 56-bit keysize, which is too small given today's
  computers (CWE-327). Use a different patent-free encryption algorithm with
  a larger keysize, such as 3DES or AES.
    EVP_add_cipher(EVP_des_cbc());
data/openssl-3.0.0~~alpha4/ssl/ssl_init.c:47:20:  [4] (crypto) EVP_rc2_40_cbc:
  These keysizes are too small given today's computers (CWE-327). Use a
  different patent-free encryption algorithm with a larger keysize, such as
  3DES or AES.
    EVP_add_cipher(EVP_rc2_40_cbc());
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:2762:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(p, c->name);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:5460:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(cursor, prefix);
data/openssl-3.0.0~~alpha4/ssl/ssl_mcnf.c:23:70:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system)
data/openssl-3.0.0~~alpha4/ssl/ssl_mcnf.c:37:25:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if (name == NULL && system)
data/openssl-3.0.0~~alpha4/ssl/ssl_mcnf.c:40:14:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        if (!system) {
data/openssl-3.0.0~~alpha4/ssl/ssl_mcnf.c:51:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if (!system)
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:198:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy((char *)tls13tbs + TLS13_TBS_START_SIZE, servercontext);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:200:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy((char *)tls13tbs + TLS13_TBS_START_SIZE, clientcontext);
data/openssl-3.0.0~~alpha4/test/bioprinttest.c:325:54:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    return fprintf(stdout, "%*s# ", tap_level, "") + vfprintf(stdout, fmt, ap);
data/openssl-3.0.0~~alpha4/test/bioprinttest.c:330:54:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    return fprintf(stderr, "%*s# ", tap_level, "") + vfprintf(stderr, fmt, ap);
data/openssl-3.0.0~~alpha4/test/bioprinttest.c:345:52:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    return fprintf(stdout, "%*s", tap_level, "") + vfprintf(stdout, fmt, ap);
data/openssl-3.0.0~~alpha4/test/bioprinttest.c:350:52:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    return fprintf(stderr, "%*s", tap_level, "") + vfprintf(stderr, fmt, ap);
data/openssl-3.0.0~~alpha4/test/p_test.c:82:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(buf, greeting);
data/openssl-3.0.0~~alpha4/test/p_test.c:87:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                    sprintf(buf, "Hello OpenSSL %.20s, greetings from %s!",
data/openssl-3.0.0~~alpha4/test/p_test.c:96:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(p->data, buf);
data/openssl-3.0.0~~alpha4/test/params_test.c:107:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(obj->p5, p5_init);
data/openssl-3.0.0~~alpha4/test/params_test.c:179:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(params->data, obj->p4);
data/openssl-3.0.0~~alpha4/test/params_test.c:186:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(params->data, obj->p5);
data/openssl-3.0.0~~alpha4/test/params_test.c:338:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(app_p4, app_p4_init);
data/openssl-3.0.0~~alpha4/test/params_test.c:339:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(app_p5, app_p5_init);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:157:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(client_log_buffer, line);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:173:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(server_log_buffer, line);
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:2449:25:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                        printf((io1 == client_io) ?
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:2499:25:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                        printf((io2 == client_io) ?
data/openssl-3.0.0~~alpha4/test/testutil.h:241:56:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define PRINTF_FORMAT(a, b)   __attribute__ ((format(printf, a, b)))
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:406:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        p += strlen(strcpy(p, list[i]));
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:256:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(p - strlen(r), r);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:262:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        tmp = getenv(arg + 4);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2396:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        && (prefix = getenv("HARNESS_OSSL_PREFIX")) != NULL) {
data/openssl-3.0.0~~alpha4/apps/openssl.c:236:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    setup_trace(getenv("OPENSSL_TRACE"));
data/openssl-3.0.0~~alpha4/apps/rehash.c:530:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    } else if ((env = getenv(X509_get_default_cert_dir_env())) != NULL) {
data/openssl-3.0.0~~alpha4/apps/s_time.c:242:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        cipher = getenv("SSL_CIPHER");
data/openssl-3.0.0~~alpha4/apps/vms_decc_init.c:78:31:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    openssl_debug_decc_init = getenv("OPENSSL_DEBUG_DECC_INIT");
data/openssl-3.0.0~~alpha4/crypto/armcap.c:112:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((e = getenv("OPENSSL_armcap"))) {
data/openssl-3.0.0~~alpha4/crypto/cryptlib.c:49:24:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
#   define ossl_getenv getenv
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:525:11:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
    dll = LoadLibrary(TEXT(DLLNAME));
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:624:11:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
    dll = LoadLibrary(TEXT(DLLNAME));
data/openssl-3.0.0~~alpha4/crypto/getenv.c:29:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    return getenv(name);
data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c:138:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        no_proxy = getenv("no_proxy");
data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c:140:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        no_proxy = getenv(OPENSSL_NO_PROXY);
data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c:161:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        proxy = getenv(use_ssl ? "https_proxy" : "http_proxy");
data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c:163:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        proxy = getenv(use_ssl ? OPENSSL_HTTP_PROXY :
data/openssl-3.0.0~~alpha4/crypto/info.c:52:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((env = getenv("OPENSSL_ia32cap")) != NULL)
data/openssl-3.0.0~~alpha4/crypto/info.c:61:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((env = getenv("OPENSSL_armcap")) != NULL)
data/openssl-3.0.0~~alpha4/crypto/info.c:97:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((env = getenv("OPENSSL_s390xcap")) != NULL)
data/openssl-3.0.0~~alpha4/crypto/mem.c:121:11:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#  define random() rand()
data/openssl-3.0.0~~alpha4/crypto/mem.c:128:22:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    int roll = (int)(random() % 100);
data/openssl-3.0.0~~alpha4/crypto/mem.c:156:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    const char *cp = getenv("OPENSSL_MALLOC_FAILURES");
data/openssl-3.0.0~~alpha4/crypto/mem.c:160:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL)
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:258:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((e = getenv("OPENSSL_ppccap"))) {
data/openssl-3.0.0~~alpha4/crypto/s390xcap.c:138:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    env = getenv("OPENSSL_s390xcap");
data/openssl-3.0.0~~alpha4/crypto/sparcv9cap.c:160:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((e = getenv("OPENSSL_sparcv9cap"))) {
data/openssl-3.0.0~~alpha4/crypto/threads_win.c:34:5:  [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use
  InitializeCriticalSectionAndSpinCount instead.
    InitializeCriticalSection(lock);
data/openssl-3.0.0~~alpha4/crypto/threads_win.c:42:5:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory
  situations. Use InitializeCriticalSectionAndSpinCount instead.
    EnterCriticalSection(lock);
data/openssl-3.0.0~~alpha4/crypto/threads_win.c:48:5:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory
  situations. Use InitializeCriticalSectionAndSpinCount instead.
    EnterCriticalSection(lock);
data/openssl-3.0.0~~alpha4/engines/e_capi.c:468:27:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
        HMODULE cryptui = LoadLibrary(TEXT("CRYPTUI.DLL"));
data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_unix.c:158:26:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
            ts.tv_nsec = random();
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:5311:32:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        *out = s->clienthello->random;
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:724:19:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    unsigned char random[SSL3_RANDOM_SIZE];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:1521:29:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        memset(clienthello->random, 0, SSL3_RANDOM_SIZE);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:1535:50:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        if (!PACKET_copy_bytes(pkt, clienthello->random, SSL3_RANDOM_SIZE)
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:1660:46:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    memcpy(s->s3.client_random, clienthello->random, SSL3_RANDOM_SIZE);
data/openssl-3.0.0~~alpha4/test/ct_test.c:523:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((ct_dir = getenv("CT_DIR")) == NULL)
data/openssl-3.0.0~~alpha4/test/ct_test.c:525:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((certs_dir = getenv("CERTS_DIR")) == NULL)
data/openssl-3.0.0~~alpha4/test/sslapitest.c:8280:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("OPENSSL_TEST_GETCOUNTS") != NULL) {
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:102:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *test_seed = getenv("OPENSSL_TEST_RAND_ORDER");
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:103:24:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *TAP_levels = getenv("HARNESS_OSSL_LEVEL");
data/openssl-3.0.0~~alpha4/test/testutil/testutil_init.c:138:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    setup_trace(getenv("OPENSSL_TRACE"));
data/openssl-3.0.0~~alpha4/apps/ca.c:283:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char new_cert[PATH_MAX];
data/openssl-3.0.0~~alpha4/apps/ca.c:284:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[10 + 1] = "\0";
data/openssl-3.0.0~~alpha4/apps/ca.c:355:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            days = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/ca.c:428:23:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            crldays = atol(opt_arg());
data/openssl-3.0.0~~alpha4/apps/ca.c:431:24:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            crlhours = atol(opt_arg());
data/openssl-3.0.0~~alpha4/apps/ca.c:434:22:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            crlsec = atol(opt_arg());
data/openssl-3.0.0~~alpha4/apps/ca.c:695:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        if (!check_time_format((char *)pp[DB_exp_date])) {
data/openssl-3.0.0~~alpha4/apps/ca.c:1460:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[25];
data/openssl-3.0.0~~alpha4/apps/ca.c:1914:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(row[DB_exp_date], tm->data, tm->length);
data/openssl-3.0.0~~alpha4/apps/ca.c:2108:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *row[DB_NUMBER], **rrow, **irow;
data/openssl-3.0.0~~alpha4/apps/ca.c:2147:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(row[DB_exp_date], tm->data, tm->length);
data/openssl-3.0.0~~alpha4/apps/ca.c:2212:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *row[DB_NUMBER], **rrow;
data/openssl-3.0.0~~alpha4/apps/ca.c:2230:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(row[DB_serial] + 1, serial, serial_len);
data/openssl-3.0.0~~alpha4/apps/ca.c:2234:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(row[DB_serial], serial, serial_len);
data/openssl-3.0.0~~alpha4/apps/ca.c:2295:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(a_tm_s, a_tm->data, a_tm->length);
data/openssl-3.0.0~~alpha4/apps/ca.c:2511:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[25], *pbuf;
data/openssl-3.0.0~~alpha4/apps/ciphers.c:111:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[512];
data/openssl-3.0.0~~alpha4/apps/cmp.c:76:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char server_port_s[32] = { '\0' };
data/openssl-3.0.0~~alpha4/apps/cmp.c:699:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tpass[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/apps/cmp.c:2082:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char server_buf[200] = { '\0' };
data/openssl-3.0.0~~alpha4/apps/cmp.c:2083:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char proxy_buf[200] = { '\0' };
data/openssl-3.0.0~~alpha4/apps/cmp.c:2152:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char id_buf[100] = "id-it-";
data/openssl-3.0.0~~alpha4/apps/cmp.c:2303:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/openssl-3.0.0~~alpha4/apps/cmp.c:2319:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char opt_item[SECTION_NAME_MAX + 1];
data/openssl-3.0.0~~alpha4/apps/cmp.c:2443:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *conf_argv[3];
data/openssl-3.0.0~~alpha4/apps/cmp.c:2444:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char arg1[82];
data/openssl-3.0.0~~alpha4/apps/cmp_mock_srv.c:287:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[OSSL_CMP_PKISI_BUFLEN];
data/openssl-3.0.0~~alpha4/apps/crl.c:323:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/apps/enc.c:106:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[128];
data/openssl-3.0.0~~alpha4/apps/enc.c:117:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mbuf[sizeof(magic) - 1];
data/openssl-3.0.0~~alpha4/apps/enc.c:123:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/apps/enc.c:358:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char prompt[200];
data/openssl-3.0.0~~alpha4/apps/enc.c:484:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char tmpkeyiv[EVP_MAX_KEY_LENGTH + EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/apps/enc.c:495:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(key, tmpkeyiv, iklen);
data/openssl-3.0.0~~alpha4/apps/enc.c:496:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(iv, tmpkeyiv+iklen, ivlen);
data/openssl-3.0.0~~alpha4/apps/engine.c:249:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[256];
data/openssl-3.0.0~~alpha4/apps/engine.c:262:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf, cmd, (int)(arg - cmd));
data/openssl-3.0.0~~alpha4/apps/engine.c:289:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[256];
data/openssl-3.0.0~~alpha4/apps/errstr.c:37:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256], *prog;
data/openssl-3.0.0~~alpha4/apps/fipsinstall.c:278:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char module_mac[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/apps/fipsinstall.c:280:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char install_mac[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/apps/kdf.c:77:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            dkm_len = (size_t)atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/lib/app_params.c:88:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf[200];       /* This should be ample space */
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:255:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *tmp, tpass[APP_PASS_LEN];
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:287:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            i = atoi(arg + 3);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1210:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1254:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1][BSIZE];
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1305:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2][BSIZE];
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1376:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BSIZE];
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1464:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[3][BSIZE];
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1512:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[5][BSIZE];
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1715:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tbuf[1024];
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2117:14:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
        if (!MultiByteToWideChar(CP_ACP, 0, from, flen, (WCHAR *)tfrom, flen))
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2122:14:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
        if (!MultiByteToWideChar(CP_ACP, 0, to, tlen, (WCHAR *)tto, tlen))
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2498:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = open(filename, mode, 0600, "ctx=bin");
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2501:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = open(filename, mode, 0600);
data/openssl-3.0.0~~alpha4/apps/lib/http_server.c:52:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[1024];
data/openssl-3.0.0~~alpha4/apps/lib/http_server.c:263:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char reqbuf[2048], inbuf[2048];
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:43:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char prog[40];
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:555:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        i = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:560:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        i = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:872:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char start[80 + 1];
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:929:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char start[80 + 1];
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:974:10:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    if (!MultiByteToWideChar(CP_ACP, 0, name, len_0, tempname, MAX_PATH))
data/openssl-3.0.0~~alpha4/apps/lib/s_cb.c:37:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
data/openssl-3.0.0~~alpha4/apps/lib/s_cb.c:626:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            BIO_printf(bio, " %02x", ((const unsigned char *)buf)[i]);
data/openssl-3.0.0~~alpha4/apps/lib/s_cb.c:782:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buffer, &port, sizeof(port));
data/openssl-3.0.0~~alpha4/apps/lib/s_cb.c:828:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char result[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/apps/lib/s_socket.c:324:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char sink[64];
data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c:100:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char TerminalDeviceBuff[255 + 2];
data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c:129:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char TermBuff[80];
data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c:293:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char AscTimeBuff[32];
data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c:356:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (AscTimeBuff, "0 0:0:%02d.00", SOCKET_PAIR_TIMEOUT_VALUE);
data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c:553:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char MsgBuff[256];
data/openssl-3.0.0~~alpha4/apps/ocsp.c:269:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            req_timeout = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/ocsp.c:455:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            ndays = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/ocsp.c:508:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            multi = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/ocsp.c:1136:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *itmp, *row[DB_NUMBER], **rrow;
data/openssl-3.0.0~~alpha4/apps/openssl.c:92:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[256], *hex;
data/openssl-3.0.0~~alpha4/apps/openssl.c:313:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *new_argv[3];
data/openssl-3.0.0~~alpha4/apps/passwd.c:28:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned const char cov_2char[64] = {
data/openssl-3.0.0~~alpha4/apps/passwd.c:257:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            static char *passwds_static[2] = { NULL, NULL };
data/openssl-3.0.0~~alpha4/apps/passwd.c:297:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char trash[BUFSIZ];
data/openssl-3.0.0~~alpha4/apps/passwd.c:335:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char out_buf[6 + 9 + 24 + 2];
data/openssl-3.0.0~~alpha4/apps/passwd.c:336:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MD5_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/passwd.c:337:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ascii_magic[5];         /* "apr1" plus '\0' */
data/openssl-3.0.0~~alpha4/apps/passwd.c:338:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ascii_salt[9];          /* Max 8 chars plus '\0' */
data/openssl-3.0.0~~alpha4/apps/passwd.c:462:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char buf_perm[sizeof(buf)];
data/openssl-3.0.0~~alpha4/apps/passwd.c:528:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char out_buf[3 + 17 + 17 + 86 + 1];
data/openssl-3.0.0~~alpha4/apps/passwd.c:529:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[SHA512_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/passwd.c:530:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char temp_buf[SHA512_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/passwd.c:532:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ascii_magic[2];
data/openssl-3.0.0~~alpha4/apps/passwd.c:533:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ascii_salt[17];          /* Max 16 chars plus '\0' */
data/openssl-3.0.0~~alpha4/apps/passwd.c:609:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char tmp_buf[80]; /* "rounds=999999999" */
data/openssl-3.0.0~~alpha4/apps/passwd.c:610:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmp_buf, "rounds=%u", rounds);
data/openssl-3.0.0~~alpha4/apps/passwd.c:673:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(cp, temp_buf, buf_size);
data/openssl-3.0.0~~alpha4/apps/passwd.c:674:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cp, temp_buf, n);
data/openssl-3.0.0~~alpha4/apps/passwd.c:690:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(cp, temp_buf, buf_size);
data/openssl-3.0.0~~alpha4/apps/passwd.c:691:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cp, temp_buf, n);
data/openssl-3.0.0~~alpha4/apps/pkcs12.c:144:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = "";
data/openssl-3.0.0~~alpha4/apps/pkcs8.c:81:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pass[APP_PASS_LEN];
data/openssl-3.0.0~~alpha4/apps/pkeyutl.c:214:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            kdflen = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/pkeyutl.c:321:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char passwd_buf[4096];
data/openssl-3.0.0~~alpha4/apps/pkeyutl.c:674:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tbuf[TBUF_MAXSIZE];
data/openssl-3.0.0~~alpha4/apps/prime.c:69:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            bits = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/rand.c:113:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char buf[4096];
data/openssl-3.0.0~~alpha4/apps/rehash.c:81:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/apps/rehash.c:186:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ep->digest, digest, evpmdsize);
data/openssl-3.0.0~~alpha4/apps/rehash.c:200:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char linktarget[PATH_MAX], *endptr;
data/openssl-3.0.0~~alpha4/apps/rehash.c:241:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/apps/rehash.c:336:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char idmask[MAX_COLLISIONS / 8];
data/openssl-3.0.0~~alpha4/apps/rehash.c:531:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char lsc[2] = { LIST_SEPARATOR_CHAR, '\0' };
data/openssl-3.0.0~~alpha4/apps/req.c:401:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            days = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/req.c:1093:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[100];
data/openssl-3.0.0~~alpha4/apps/req.c:1326:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/openssl-3.0.0~~alpha4/apps/req.c:1346:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/openssl-3.0.0~~alpha4/apps/req.c:1463:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, name, name_len);
data/openssl-3.0.0~~alpha4/apps/req.c:1464:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + name_len, tail, tail_len + 1);
data/openssl-3.0.0~~alpha4/apps/req.c:1483:18:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        keylen = atol(gstr);
data/openssl-3.0.0~~alpha4/apps/req.c:1515:26:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                keylen = atol(p + 1);
data/openssl-3.0.0~~alpha4/apps/s_client.c:150:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(psk, key, key_len);
data/openssl-3.0.0~~alpha4/apps/s_client.c:395:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pem_name[100];
data/openssl-3.0.0~~alpha4/apps/s_client.c:396:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ext_buf[4 + 65536];
data/openssl-3.0.0~~alpha4/apps/s_client.c:404:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ext_buf + 4, in, inlen);
data/openssl-3.0.0~~alpha4/apps/s_client.c:1127:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            verify_args.depth = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_client.c:1299:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            srp_arg.strength = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_client.c:1381:26:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            socket_mtu = atol(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_client.c:1484:58:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    serverinfo_types[serverinfo_count] = atoi(p + start);
data/openssl-3.0.0~~alpha4/apps/s_client.c:1510:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            keymatexportlen = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_client.c:1516:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            len = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_client.c:1538:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            max_send_fragment = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_client.c:1541:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            split_send_fragment = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_client.c:1544:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            max_pipelines = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_client.c:1547:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            read_buf_len = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:178:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(psk, key, key_len);
data/openssl-3.0.0~~alpha4/apps/s_server.c:313:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[1];
data/openssl-3.0.0~~alpha4/apps/s_server.c:1213:23:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            naccept = atol(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1217:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            verify_args.depth = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1225:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            verify_args.depth = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1403:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            tlscstatp.timeout = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1567:26:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            socket_mtu = atol(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1623:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            keymatexportlen = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1629:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            max_send_fragment = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1632:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            split_send_fragment = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1635:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            max_pipelines = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1638:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            read_buf_len = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1644:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            max_early_data = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:1651:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            recv_max_early_data = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/s_server.c:2929:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFSIZ];
data/openssl-3.0.0~~alpha4/apps/s_server.c:3639:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(id, session_id_prefix,
data/openssl-3.0.0~~alpha4/apps/s_time.c:117:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024 * 8];
data/openssl-3.0.0~~alpha4/apps/speed.c:328:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *names[ALGOR_NUM] = {
data/openssl-3.0.0~~alpha4/apps/speed.c:615:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md2[MD2_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:632:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mdc2[MDC2_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:649:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md4[MD4_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:666:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md5[MD5_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:679:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hmac[MD5_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:697:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sha[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:708:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sha256[SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:719:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sha512[SHA512_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:732:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:745:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/apps/speed.c:770:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char DES_iv[8];
data/openssl-3.0.0~~alpha4/apps/speed.c:797:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
data/openssl-3.0.0~~alpha4/apps/speed.c:936:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tag[12];
data/openssl-3.0.0~~alpha4/apps/speed.c:972:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char aad[13] = { 0xcc };
data/openssl-3.0.0~~alpha4/apps/speed.c:973:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char faketag[16] = { 0xcc };
data/openssl-3.0.0~~alpha4/apps/speed.c:1000:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/apps/speed.c:1017:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char no_key[32];
data/openssl-3.0.0~~alpha4/apps/speed.c:1038:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const char key[16] = "This is a key...";
data/openssl-3.0.0~~alpha4/apps/speed.c:1039:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mac[16];
data/openssl-3.0.0~~alpha4/apps/speed.c:1535:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char key16[16] = {
data/openssl-3.0.0~~alpha4/apps/speed.c:1539:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char key24[24] = {
data/openssl-3.0.0~~alpha4/apps/speed.c:1544:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char key32[32] = {
data/openssl-3.0.0~~alpha4/apps/speed.c:1731:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            multi = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/speed.c:1736:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            async_jobs = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/speed.c:1787:56:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                        = seconds.sm2 = seconds.ffdh = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/speed.c:1790:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            lengths_single = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/speed.c:4134:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char isdelim[256];
data/openssl-3.0.0~~alpha4/apps/speed.c:4197:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[1024];
data/openssl-3.0.0~~alpha4/apps/speed.c:4217:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                alg = atoi(sstrsep(&p, sep));
data/openssl-3.0.0~~alpha4/apps/speed.c:4228:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                k = atoi(sstrsep(&p, sep));
data/openssl-3.0.0~~alpha4/apps/speed.c:4244:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                k = atoi(sstrsep(&p, sep));
data/openssl-3.0.0~~alpha4/apps/speed.c:4260:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                k = atoi(sstrsep(&p, sep));
data/openssl-3.0.0~~alpha4/apps/speed.c:4273:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                k = atoi(sstrsep(&p, sep));
data/openssl-3.0.0~~alpha4/apps/speed.c:4283:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                k = atoi(sstrsep(&p, sep));
data/openssl-3.0.0~~alpha4/apps/speed.c:4299:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                k = atoi(sstrsep(&p, sep));
data/openssl-3.0.0~~alpha4/apps/speed.c:4317:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                k = atoi(sstrsep(&p, sep));
data/openssl-3.0.0~~alpha4/apps/speed.c:4347:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char *inp, *out, *key, no_key[32], no_iv[16];
data/openssl-3.0.0~~alpha4/apps/speed.c:4374:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
data/openssl-3.0.0~~alpha4/apps/srp.c:123:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char password[1025];
data/openssl-3.0.0~~alpha4/apps/srp.c:160:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char password[1025];
data/openssl-3.0.0~~alpha4/apps/srp.c:440:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char *row[DB_NUMBER];
data/openssl-3.0.0~~alpha4/apps/ts.c:506:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char buffer[4096];
data/openssl-3.0.0~~alpha4/apps/ts.c:542:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[20];
data/openssl-3.0.0~~alpha4/apps/ts.c:560:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(nonce->data, buf + i, nonce->length);
data/openssl-3.0.0~~alpha4/apps/ts.c:783:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[1024];
data/openssl-3.0.0~~alpha4/apps/x509.c:275:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            days = atoi(opt_arg());
data/openssl-3.0.0~~alpha4/apps/x509.c:828:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/apps/x509.c:980:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, CAfile, len);
data/openssl-3.0.0~~alpha4/apps/x509.c:981:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf + len, POSTFIX, sizeof(POSTFIX));
data/openssl-3.0.0~~alpha4/crypto/LPdir_unix.c:78:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char entry_name[LP_ENTRY_SIZE + 1];
data/openssl-3.0.0~~alpha4/crypto/LPdir_unix.c:81:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char previous_entry_name[LP_ENTRY_SIZE + 1];
data/openssl-3.0.0~~alpha4/crypto/LPdir_vms.c:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filespec[NAMX_MAXRSS + 1];
data/openssl-3.0.0~~alpha4/crypto/LPdir_vms.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char result[NAMX_MAXRSS + 1];
data/openssl-3.0.0~~alpha4/crypto/LPdir_vms.c:82:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ctx_filespec_32[NAMX_MAXRSS + 1];
data/openssl-3.0.0~~alpha4/crypto/LPdir_vms.c:127:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat((*ctx)->filespec, "*.*;");
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:71:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char entry_name[NAME_MAX + 1];
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:107:27:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
                if ((sz = MultiByteToWideChar((cp = CP_UTF8), 0,
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:113:22:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
                sz = MultiByteToWideChar((cp = CP_ACP), 0,
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:124:22:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
                if (!MultiByteToWideChar(cp, 0, directory, len_0,
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:159:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                    strcpy(buf + dirlen, "/*");
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:41:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
# define load_block(d, s)        memcpy((d).data, (s), AES_BLOCK_SIZE)
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:42:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
# define store_block(d, s)       memcpy((d), (s).data, AES_BLOCK_SIZE)
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:88:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:89:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:113:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ivec, iv.data, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:114:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:141:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:142:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:167:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ivec, iv.data, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:168:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:195:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[AES_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:196:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp2[AES_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:197:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp3[AES_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:198:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char prev[AES_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:222:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(prev, in, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:238:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp, out, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:257:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(prev, tmp, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:270:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp, in, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:271:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp2, in, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:277:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:288:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp, out, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:289:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp2, out, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aes/aes_ige.c:295:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aria/aria.c:693:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rk_head, rk_tail, ARIA_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/aria/aria.c:756:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char sb1[256] = {
data/openssl-3.0.0~~alpha4/crypto/aria/aria.c:791:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char sb2[256] = {
data/openssl-3.0.0~~alpha4/crypto/aria/aria.c:826:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char sb3[256] = {
data/openssl-3.0.0~~alpha4/crypto/aria/aria.c:861:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char sb4[256] = {
data/openssl-3.0.0~~alpha4/crypto/aria/aria.c:1130:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(w0.c, userKey, sizeof(w0));
data/openssl-3.0.0~~alpha4/crypto/aria/aria.c:1147:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(kr.c, userKey + ARIA_BLOCK_SIZE, sizeof(kr) / 2);
data/openssl-3.0.0~~alpha4/crypto/aria/aria.c:1156:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(kr.c, userKey + ARIA_BLOCK_SIZE, sizeof(kr));
data/openssl-3.0.0~~alpha4/crypto/asn1/a_bitstr.c:71:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, d, len);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_bitstr.c:122:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s, p, (int)len);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_int.c:231:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static size_t asn1_put_uint64(unsigned char b[sizeof(uint64_t)], uint64_t r)
data/openssl-3.0.0~~alpha4/crypto/asn1/a_int.c:334:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tbuf[sizeof(r)];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_int.c:373:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tbuf[sizeof(r)];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_int.c:431:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s, p, (int)len);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_int.c:608:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[sizeof(uint64_t)];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_int.c:624:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[sizeof(uint64_t)];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_mbstr.c:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char strbuf[32];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_object.c:43:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, a->data, a->length);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_object.c:56:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ftmp[24], *tmp = ftmp;
data/openssl-3.0.0~~alpha4/crypto/asn1/a_object.c:187:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[80], *p = buf;
data/openssl-3.0.0~~alpha4/crypto/asn1/a_object.c:315:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(data, p, length);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_print.c:71:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[80];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_sign.c:162:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char aid[128];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_strex.c:71:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmphex[HEX_SIZE(long) + 3];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_strex.c:205:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char utfbuf[6];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_strex.c:239:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hextmp[2];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_strex.c:430:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char objtmp[80];
data/openssl-3.0.0~~alpha4/crypto/asn1/a_time.c:424:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(t.data, str + 2, t.length);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_time.c:465:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char _asn1_mon[12][4] = {
data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_gen.c:228:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, cpy_start, cpy_len);
data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_gen.c:353:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char erch[2];
data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_lib.c:313:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(str->data, data, len);
data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_par.c:25:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[128];
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c:238:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bound[33], c;
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c:496:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char linebuf[MAX_SMLEN];
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c:540:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char iobuf[4096];
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c:576:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char linebuf[MAX_SMLEN];
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c:641:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char linebuf[MAX_SMLEN];
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_moid.c:92:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(lntmp, ln, p - ln);
data/openssl-3.0.0~~alpha4/crypto/asn1/evp_asn1.c:45:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(data, p, num);
data/openssl-3.0.0~~alpha4/crypto/asn1/evp_asn1.c:108:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(data, ASN1_STRING_get0_data(atmp->oct), n);
data/openssl-3.0.0~~alpha4/crypto/asn1/f_int.c:20:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2];
data/openssl-3.0.0~~alpha4/crypto/asn1/f_string.c:20:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2];
data/openssl-3.0.0~~alpha4/crypto/asn1/i2d_pr.c:54:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(*pp, buf->data, ret);
data/openssl-3.0.0~~alpha4/crypto/asn1/p5_pbe.c:54:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(sstr, salt, saltlen);
data/openssl-3.0.0~~alpha4/crypto/asn1/p5_pbev2.c:47:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/asn1/p5_pbev2.c:69:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
data/openssl-3.0.0~~alpha4/crypto/asn1/p5_pbev2.c:172:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(osalt->data, salt, saltlen);
data/openssl-3.0.0~~alpha4/crypto/asn1/p5_scrypt.c:48:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/asn1/p5_scrypt.c:84:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
data/openssl-3.0.0~~alpha4/crypto/asn1/p5_scrypt.c:216:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_dec.c:1054:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf->data + len, *p, plen);
data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_enc.c:421:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, tder->data, tder->length);
data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_enc.c:611:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(cout, cont, len);
data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_prn.c:408:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char objbuf[80];
data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_utl.c:174:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(enc->enc, in, inlen);
data/openssl-3.0.0~~alpha4/crypto/asn1/tasn_utl.c:189:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(*out, enc->enc, enc->len);
data/openssl-3.0.0~~alpha4/crypto/asn1/x_int64.c:110:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cp, &utmp, sizeof(utmp));
data/openssl-3.0.0~~alpha4/crypto/asn1/x_int64.c:219:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cp, &utmp2, sizeof(utmp2));
data/openssl-3.0.0~~alpha4/crypto/asn1/x_long.c:51:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pval, &it->size, COPY_SIZE(*pval, it->size));
data/openssl-3.0.0~~alpha4/crypto/asn1/x_long.c:57:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pval, &it->size, COPY_SIZE(*pval, it->size));
data/openssl-3.0.0~~alpha4/crypto/asn1/x_long.c:92:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&ltmp, pval, COPY_SIZE(*pval, ltmp));
data/openssl-3.0.0~~alpha4/crypto/asn1/x_long.c:185:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pval, &ltmp, COPY_SIZE(*pval, ltmp));
data/openssl-3.0.0~~alpha4/crypto/asn1/x_long.c:194:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&l, pval, COPY_SIZE(*pval, l));
data/openssl-3.0.0~~alpha4/crypto/async/async.c:236:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->currjob->funcargs, args, size);
data/openssl-3.0.0~~alpha4/crypto/bf/bf_ofb64.c:31:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char d[8];
data/openssl-3.0.0~~alpha4/crypto/bf/bf_skey.c:28:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(key, &bf_init, sizeof(BF_KEY));
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:69:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(ap->s_in), sa, sizeof(struct sockaddr_in));
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:74:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(ap->s_in6), sa, sizeof(struct sockaddr_in6));
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:80:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(ap->s_un), sa, sizeof(struct sockaddr_un));
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:157:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, addrptr, len);
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:198:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char host[NI_MAXHOST] = "", serv[NI_MAXSERV] = "";
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:242:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char serv[6];        /* port is 16 bits => max 5 decimal digits */
data/openssl-3.0.0~~alpha4/crypto/bio/b_dump.c:33:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[288 + 1];
data/openssl-3.0.0~~alpha4/crypto/bio/b_dump.c:53:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                    strcpy(buf + n, "   ");
data/openssl-3.0.0~~alpha4/crypto/bio/b_dump.c:63:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(buf + n, "  ");
data/openssl-3.0.0~~alpha4/crypto/bio/b_print.c:424:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char convert[DECIMAL_SIZE(value) + 3];
data/openssl-3.0.0~~alpha4/crypto/bio/b_print.c:552:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char iconvert[20];
data/openssl-3.0.0~~alpha4/crypto/bio/b_print.c:553:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fconvert[20];
data/openssl-3.0.0~~alpha4/crypto/bio/b_print.c:554:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char econvert[20];
data/openssl-3.0.0~~alpha4/crypto/bio/b_print.c:833:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(*buffer, *sbuffer, *currlen);
data/openssl-3.0.0~~alpha4/crypto/bio/b_print.c:874:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hugebuf[1024 * 2];     /* Was previously 10k, which is unreasonable
data/openssl-3.0.0~~alpha4/crypto/bio/bf_buff.c:109:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, &(ctx->ibuf[ctx->ibuf_off]), i);
data/openssl-3.0.0~~alpha4/crypto/bio/bf_buff.c:176:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, inl);
data/openssl-3.0.0~~alpha4/crypto/bio/bf_buff.c:184:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, i);
data/openssl-3.0.0~~alpha4/crypto/bio/bf_buff.c:300:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->ibuf, ptr, (int)num);
data/openssl-3.0.0~~alpha4/crypto/bio/bf_buff.c:391:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char fake_buf[1];
data/openssl-3.0.0~~alpha4/crypto/bio/bf_buff.c:396:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, &(ctx->ibuf[ctx->ibuf_off]), num);
data/openssl-3.0.0~~alpha4/crypto/bio/bf_lbuf.c:145:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(&(ctx->obuf[ctx->obuf_len]), in, p - in);
data/openssl-3.0.0~~alpha4/crypto/bio/bf_lbuf.c:151:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(&(ctx->obuf[ctx->obuf_len]), in, i);
data/openssl-3.0.0~~alpha4/crypto/bio/bf_lbuf.c:198:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl);
data/openssl-3.0.0~~alpha4/crypto/bio/bf_lbuf.c:246:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p, ctx->obuf, ctx->obuf_len);
data/openssl-3.0.0~~alpha4/crypto/bio/bio_cb.c:21:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/openssl-3.0.0~~alpha4/crypto/bio/bio_local.h:168:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
# define UP_fopen        fopen
data/openssl-3.0.0~~alpha4/crypto/bio/bio_local.h:182:27:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#  define UP_open         open
data/openssl-3.0.0~~alpha4/crypto/bio/bss_bio.c:170:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, peer_b->buf + peer_b->offset, chunk);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_bio.c:326:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(b->buf + write_offset, buf, chunk);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:234:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:580:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, &data->peer, (ret = num));
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:586:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1015:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cmsgbuf[512];
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1248:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) +
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1253:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1427:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1522:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, &(data->sndinfo), num);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1530:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(data->sndinfo), ptr, num);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1537:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, &data->rcvinfo, num);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1546:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(data->rcvinfo), ptr, num);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1553:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, &(data->prinfo), num);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1561:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(data->prinfo), ptr, num);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_file.c:185:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char p[4];
data/openssl-3.0.0~~alpha4/crypto/bio/bss_log.c:133:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char str[10];
data/openssl-3.0.0~~alpha4/crypto/bio/bss_log.c:203:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, in, inl);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_log.c:254:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pidbuf[DECIMAL_SIZE(DWORD) + 4];
data/openssl-3.0.0~~alpha4/crypto/bio/bss_log.c:283:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(pidbuf, "[%lu] ", GetCurrentProcessId());
data/openssl-3.0.0~~alpha4/crypto/bio/bss_log.c:327:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[10240];
data/openssl-3.0.0~~alpha4/crypto/bio/bss_log.c:370:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_log.c:372:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&opcdef_p->opc$l_ms_text, buf, len);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_mem.c:205:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, bm->data, ret);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_mem.c:238:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bbm->buf->data + blen, in, inl);
data/openssl-3.0.0~~alpha4/crypto/bn/bn_ctx.c:289:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(newitems, st->indexes, sizeof(*newitems) * st->depth);
data/openssl-3.0.0~~alpha4/crypto/bn/bn_intern.c:166:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in->d, sizeof(*out) * in->top);
data/openssl-3.0.0~~alpha4/crypto/bn/bn_intern.c:195:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(a->d, words, sizeof(BN_ULONG) * num_words);
data/openssl-3.0.0~~alpha4/crypto/bn/bn_lib.c:276:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(a, b->d, sizeof(*a) * b->top);
data/openssl-3.0.0~~alpha4/crypto/bn/bn_lib.c:337:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(a->d, b->d, sizeof(b->d[0]) * bn_words);
data/openssl-3.0.0~~alpha4/crypto/bn/bn_print.c:59:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char data[16];
data/openssl-3.0.0~~alpha4/crypto/bn/bn_rand.c:248:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char random_bytes[64];
data/openssl-3.0.0~~alpha4/crypto/bn/bn_rand.c:249:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[SHA512_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/bn/bn_rand.c:253:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char private_bytes[96];
data/openssl-3.0.0~~alpha4/crypto/bn/bn_rand.c:298:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(k_bytes + done, digest, todo);
data/openssl-3.0.0~~alpha4/crypto/bn/rsaz_exp.c:62:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char storage[320 * 3 + 32 * 9 * 16 + 64]; /* 5.5KB */
data/openssl-3.0.0~~alpha4/crypto/bn/rsaz_exp.c:262:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char storage[16 * 8 * 8 + 64 * 2 + 64]; /* 1.2KB */
data/openssl-3.0.0~~alpha4/crypto/buffer/buffer.c:65:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ret, str->data, str->length);
data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_ctr.c:19:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_ctr.c:19:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_ctr.c:21:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[CAMELLIA_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/crypto/camellia/cmll_ctr.c:22:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/crypto/cast/c_ofb64.c:31:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char d[8];
data/openssl-3.0.0~~alpha4/crypto/chacha/chacha_enc.c:73:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/chacha/chacha_enc.c:73:56:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:27:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char k1[EVP_MAX_BLOCK_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:28:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char k2[EVP_MAX_BLOCK_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:30:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tbl[EVP_MAX_BLOCK_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:32:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char last_block[EVP_MAX_BLOCK_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:103:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out->k1, in->k1, bl);
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:104:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out->k2, in->k2, bl);
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:105:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out->tbl, in->tbl, bl);
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:106:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out->last_block, in->last_block, bl);
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:114:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH] = { 0 };
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:181:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->last_block + ctx->nlast_block, data, nleft);
data/openssl-3.0.0~~alpha4/crypto/cmac/cmac.c:200:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->last_block, data, dlen);
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_client.c:211:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[OSSL_CMP_PKISI_BUFLEN];
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_client.c:275:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char str[OSSL_CMP_PKISI_BUFLEN];
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_client.c:412:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[OSSL_CMP_PKISI_BUFLEN];
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_client.c:757:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[OSSL_CMP_PKISI_BUFLEN];
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_ctx.c:331:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hugebuf[1024 * 2];
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_http.c:40:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char server_port[32] = { '\0' };
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_msg.c:895:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[DECIMAL_SIZE(rid) + 1];
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_status.c:59:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf[40];
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_util.c:51:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char level_copy[max_level_len + 1];
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_util.c:155:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msg[ERR_PRINT_BUF_SIZE];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_asn1.c:386:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char kl[4];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_dd.c:58:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_enc.c:29:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
data/openssl-3.0.0~~alpha4/crypto/cms/cms_enc.c:175:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ec->key, key, keylen);
data/openssl-3.0.0~~alpha4/crypto/cms/cms_ess.c:232:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char dig[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_ess.c:258:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char dig[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_kari.c:207:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char kek[EVP_MAX_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_pwri.c:52:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_pwri.c:225:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, tmp + 4, *outlen);
data/openssl-3.0.0~~alpha4/crypto/cms/cms_pwri.c:260:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out + 4, in, inlen);
data/openssl-3.0.0~~alpha4/crypto/cms/cms_sd.c:613:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_sd.c:629:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_sd.c:862:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mval[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/cms/cms_smime.c:40:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[4096];
data/openssl-3.0.0~~alpha4/crypto/conf/conf_api.c:194:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(v->section, section, i);
data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.c:197:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char btmp[DECIMAL_SIZE(eline) + 1];
data/openssl-3.0.0~~alpha4/crypto/conf/conf_mod.c:210:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char rcode[DECIMAL_SIZE(ret) + 1];
data/openssl-3.0.0~~alpha4/crypto/crmf/crmf_pbm.c:129:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char basekey[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/crmf/crmf_pbm.c:229:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[128];
data/openssl-3.0.0~~alpha4/crypto/cryptlib.c:264:5:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    TCHAR buf[256];
data/openssl-3.0.0~~alpha4/crypto/cryptlib.c:302:18:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
            if (!MultiByteToWideChar(CP_ACP, 0, fmta, len_0, fmtw, len_0))
data/openssl-3.0.0~~alpha4/crypto/ct/ct_oct.c:193:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, sct->sig, sct->sig_len);
data/openssl-3.0.0~~alpha4/crypto/ct/ct_oct.c:239:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, sct->log_id, CT_V1_HASHLEN);
data/openssl-3.0.0~~alpha4/crypto/ct/ct_oct.c:244:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p, sct->ext, sct->ext_len);
data/openssl-3.0.0~~alpha4/crypto/ct/ct_oct.c:250:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, sct->sct, len);
data/openssl-3.0.0~~alpha4/crypto/ct/ct_prn.c:34:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char genstr[20];
data/openssl-3.0.0~~alpha4/crypto/ct/ct_vfy.c:31:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmpbuf[12];
data/openssl-3.0.0~~alpha4/crypto/des/cfb64ede.c:101:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ovec[16];
data/openssl-3.0.0~~alpha4/crypto/des/cfb_enc.c:41:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ovec[16];
data/openssl-3.0.0~~alpha4/crypto/des/ecb_enc.c:24:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[12];
data/openssl-3.0.0~~alpha4/crypto/des/fcrypt.c:34:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned const char con_salt[128] = {
data/openssl-3.0.0~~alpha4/crypto/des/fcrypt.c:53:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned const char cov_2char[64] = {
data/openssl-3.0.0~~alpha4/crypto/des/fcrypt.c:66:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buff[14];
data/openssl-3.0.0~~alpha4/crypto/des/fcrypt.c:71:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char e_salt[2 + 1];
data/openssl-3.0.0~~alpha4/crypto/des/fcrypt.c:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char e_buf[32 + 1];         /* replace 32 by 8 ? */
data/openssl-3.0.0~~alpha4/crypto/des/fcrypt.c:104:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char bb[9];
data/openssl-3.0.0~~alpha4/crypto/des/set_key.c:28:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char odd_parity[256] = {
data/openssl-3.0.0~~alpha4/crypto/des/str2key.c:73:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(key2, key1, 8);
data/openssl-3.0.0~~alpha4/crypto/dh/dh_meth.c:51:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ret, dhm, sizeof(*dhm));
data/openssl-3.0.0~~alpha4/crypto/dh/dh_pmeth.c:235:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        len = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/dh/dh_pmeth.c:241:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        len = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/dh/dh_pmeth.c:260:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        len = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/dh/dh_pmeth.c:265:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        len = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/dh/dh_pmeth.c:270:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        typ = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/dh/dh_pmeth.c:275:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        pad = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_key.c:136:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char dgst[16] = {0};
data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_meth.c:54:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ret, dsam, sizeof(*dsam));
data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_pmeth.c:182:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        nbits = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/dsa/dsa_pmeth.c:186:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int qbits = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:71:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char errbuf[160];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:137:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char errbuf[160];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:263:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(path, inf.filename, len);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:434:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(path, dli.dli_fname, len);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:70:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[NAMX_MAXRSS + 1];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char imagename[NAMX_MAXRSS + 1];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:282:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char symname_32[NAMX_MAXRSS + 1];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:322:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char errstring[257];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:370:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char esa[NAMX_MAXRSS + 1];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:382:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filespec1_32[NAMX_MAXRSS + 1];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:383:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filespec2_32[NAMX_MAXRSS + 1];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:424:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char errstring[257];
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:49:10:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    if (!MultiByteToWideChar(CP_ACP, 0, lpLibFileName, len_0, fnamw, len_0))
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:345:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(&result[offset], "\\\\");
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:598:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(path, me32.szExePath, len);
data/openssl-3.0.0~~alpha4/crypto/ebcdic.c:24:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char os_toascii[256] = {
data/openssl-3.0.0~~alpha4/crypto/ebcdic.c:60:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char os_toebcdic[256] = {
data/openssl-3.0.0~~alpha4/crypto/ebcdic.c:111:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char os_toascii[256] = {
data/openssl-3.0.0~~alpha4/crypto/ebcdic.c:179:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char os_toebcdic[256] = {
data/openssl-3.0.0~~alpha4/crypto/ebcdic.c:255:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char os_toascii[256] = {
data/openssl-3.0.0~~alpha4/crypto/ebcdic.c:294:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char os_toebcdic[256] = {
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:217:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(e, scalar, 32);
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:709:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(e, scalar, 32);
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4238:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    signed char e[64];
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4383:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(e, scalar, 32);
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4544:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    signed char aslide[256];
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4545:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    signed char bslide[256];
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:5494:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char allzeroes[15];
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:5625:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(e, private_key, 32);
data/openssl-3.0.0~~alpha4/crypto/ec/curve448/eddsa.c:243:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(signature, nonce_point, sizeof(nonce_point));
data/openssl-3.0.0~~alpha4/crypto/ec/curve448/point_448.h:96:52:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                    const unsigned char ser[C448_SCALAR_BYTES]);
data/openssl-3.0.0~~alpha4/crypto/ec/curve448/point_448.h:114:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void curve448_scalar_encode(unsigned char ser[C448_SCALAR_BYTES],
data/openssl-3.0.0~~alpha4/crypto/ec/curve448/scalar.c:153:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                const unsigned char ser[C448_SCALAR_BYTES])
data/openssl-3.0.0~~alpha4/crypto/ec/curve448/scalar.c:210:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void curve448_scalar_encode(unsigned char ser[C448_SCALAR_BYTES],
data/openssl-3.0.0~~alpha4/crypto/ec/ec_asn1.c:752:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ret->seed, params->curve->seed->data,
data/openssl-3.0.0~~alpha4/crypto/ec/ec_ctrl.c:170:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char kdf_type[80];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_ctrl.c:242:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[80] = "";
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:35:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:67:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 28 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:105:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 48 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:149:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 66 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:207:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:239:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:271:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 30 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:309:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 30 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:347:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 30 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:386:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 32 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:426:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 14 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:458:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 14 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:490:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 16 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:522:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 16 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:554:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:584:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:616:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:648:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:678:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 29 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:714:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 32 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:751:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 15 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:781:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:811:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 28 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:853:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 15 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:885:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 15 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:917:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 17 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:949:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 17 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:982:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1013:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1043:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1073:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 25 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1111:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 25 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1150:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 30 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1186:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 30 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1225:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 30 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1262:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 36 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1298:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 36 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1336:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 52 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1384:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 52 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1434:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 72 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1488:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 72 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1545:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1577:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1609:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 21 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1641:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 23 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1671:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1703:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1735:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1767:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 27 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1803:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 30 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1841:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 30 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1879:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 30 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1917:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 35 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1953:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 39 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:1995:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[20 + 45 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2039:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 47 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2081:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 54 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2129:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 15 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2165:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 20 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2200:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2241:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 20 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2271:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 20 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2301:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2331:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 24 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2361:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 28 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2397:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 28 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2433:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 32 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2469:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 32 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2505:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 40 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2547:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 40 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2589:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 48 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2631:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 48 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2673:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 64 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2727:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 64 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_curve.c:2783:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[0 + 32 * 6];
data/openssl-3.0.0~~alpha4/crypto/ec/ec_key.c:966:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char dgst[16] = {0};
data/openssl-3.0.0~~alpha4/crypto/ec/ec_kmeth.c:174:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, sec, outlen);
data/openssl-3.0.0~~alpha4/crypto/ec/ec_lib.c:250:14:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        if (!memcpy(dest->seed, src->seed, src->seed_len))
data/openssl-3.0.0~~alpha4/crypto/ec/ec_lib.c:532:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(group->seed, p, len);
data/openssl-3.0.0~~alpha4/crypto/ec/ec_mult.c:639:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(wNAF[i], pp, wNAF_len[i]);
data/openssl-3.0.0~~alpha4/crypto/ec/ec_pmeth.c:394:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        co_mode = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/ec/eck_prn.c:227:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[128 + 1 + 4];
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp224.c:1184:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(nq, tmp, 3 * sizeof(felem));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp224.c:1223:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(nq, tmp, 3 * sizeof(felem));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp521.c:1575:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(nq, tmp, 3 * sizeof(felem));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp521.c:1605:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(nq, tmp, 3 * sizeof(felem));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp521.c:1998:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(pre_comp[i][1][0], x_out, sizeof(felem));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp521.c:1999:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(pre_comp[i][1][1], y_out, sizeof(felem));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp521.c:2000:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(pre_comp[i][1][2], z_out, sizeof(felem));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistputil.c:80:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define tmp_felem(I) (&((char *)tmp_felems)[(I) * felem_size])
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistputil.c:81:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define X(I) (&((char *)point_array)[3*(I) * felem_size])
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistputil.c:82:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define Y(I) (&((char *)point_array)[(3*(I) + 1) * felem_size])
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistputil.c:83:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define Z(I) (&((char *)point_array)[(3*(I) + 2) * felem_size])
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:436:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r->X, res_x, sizeof(res_x));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:437:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r->Y, res_y, sizeof(res_y));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:438:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r->Z, res_z, sizeof(res_z));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:522:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r->X, res_x, sizeof(res_x));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:523:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r->Y, res_y, sizeof(res_y));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:524:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r->Z, res_z, sizeof(res_z));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:602:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r, res, sizeof(res));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:625:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char (*p_str)[33] = NULL;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:739:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r, &temp[0], sizeof(temp[0]));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:962:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char p_str[33] = { 0 };
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:1138:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(new_scalars, scalars, num * sizeof(BIGNUM *));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:1140:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(new_points, points, num * sizeof(EC_POINT *));
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistz256.c:1385:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        static const unsigned char expLo[32]  = {
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_s390x_nistp.c:53:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char param[S390X_SIZE_PARAM];
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_s390x_nistp.c:132:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char param[S390X_SIZE_PARAM];
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_s390x_nistp.c:169:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param + S390X_OFF_H(len) + off, dgst, len - off);
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_s390x_nistp.c:226:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char param[S390X_SIZE_PARAM];
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_s390x_nistp.c:264:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param + S390X_OFF_H(len) + off, dgst, len - off);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:70:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(pubkey, p, plen);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:89:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(privkey, p, KEYLENID(id));
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:365:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(priv, key->privkey, *len);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:385:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pub, key->pubkey, *len);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1036:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char x_dst[32], buff[SHA512_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1093:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char x_dst[57], buff[114];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1180:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char sig[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1181:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char priv[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1220:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char sig[128];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1221:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char priv[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1239:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param.ed448.priv + 64 - 57, edkey->privkey, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1248:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(sig, param.ed448.sig, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1249:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(sig + 57, param.ed448.sig + 64, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1263:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char sig[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1264:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char pub[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1290:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char sig[128];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1291:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char pub[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1301:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param.ed448.sig, sig, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1303:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param.ed448.sig + 64, sig + 57, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_meth.c:1305:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param.ed448.pub, edkey->pubkey, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:21:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void s390x_x25519_mod_p(unsigned char u[32])
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:23:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char u_red[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:45:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void s390x_x448_mod_p(unsigned char u[56])
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:47:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char u_red[56];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:77:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int s390x_x25519_mul(unsigned char u_dst[32],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:78:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                     const unsigned char u_src[32],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:79:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                     const unsigned char d_src[32])
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:83:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char u_dst[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:84:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char u_src[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:85:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char d_src[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:110:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int s390x_x448_mul(unsigned char u_dst[56],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:111:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                   const unsigned char u_src[56],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:112:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                   const unsigned char d_src[56])
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:116:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char u_dst[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:117:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char u_src[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:118:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char d_src[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:126:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param.x448.u_src, u_src, 56);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:127:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param.x448.d_src, d_src, 56);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:139:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(u_dst, param.x448.u_dst, 56);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:146:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int s390x_ed25519_mul(unsigned char x_dst[32],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:147:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      unsigned char y_dst[32],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:148:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      const unsigned char x_src[32],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:149:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      const unsigned char y_src[32],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:150:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      const unsigned char d_src[32])
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:154:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char x_dst[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:155:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char y_dst[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:156:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char x_src[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:157:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char y_src[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:158:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char d_src[32];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:180:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int s390x_ed448_mul(unsigned char x_dst[57],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:181:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    unsigned char y_dst[57],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:182:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    const unsigned char x_src[57],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:183:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    const unsigned char y_src[57],
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:184:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    const unsigned char d_src[57])
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:188:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char x_dst[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:189:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char y_dst[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:190:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char x_src[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:191:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char y_src[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:192:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char d_src[64];
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:200:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param.ed448.x_src, x_src, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:201:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param.ed448.y_src, y_src, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:202:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(param.ed448.d_src, d_src, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:211:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(x_dst, param.ed448.x_dst, 57);
data/openssl-3.0.0~~alpha4/crypto/ec/ecx_s390x.c:212:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(y_dst, param.ed448.y_dst, 57);
data/openssl-3.0.0~~alpha4/crypto/engine/eng_dyn.c:464:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&cpy, e, sizeof(ENGINE));
data/openssl-3.0.0~~alpha4/crypto/engine/eng_dyn.c:489:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(e, &cpy, sizeof(ENGINE));
data/openssl-3.0.0~~alpha4/crypto/engine/eng_openssl.c:193:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[TEST_RC4_KEY_SIZE];
data/openssl-3.0.0~~alpha4/crypto/engine/eng_openssl.c:207:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&test(ctx)->key[0], key, n);
data/openssl-3.0.0~~alpha4/crypto/err/err.c:195:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char strerror_pool[SPACE_SYS_STR_REASONS];
data/openssl-3.0.0~~alpha4/crypto/err/err.c:572:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lsbuf[64], rsbuf[64];
data/openssl-3.0.0~~alpha4/crypto/err/err.c:606:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[256];
data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c:26:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[ERR_PRINT_BUF_SIZE], *hex;
data/openssl-3.0.0~~alpha4/crypto/ess/ess_lib.c:61:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cert_sha1[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/ess/ess_lib.c:143:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/ess/ess_lib.c:301:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cert_sha1[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/ess/ess_lib.c:334:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cert_digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/bio_b64.c:42:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10];
data/openssl-3.0.0~~alpha4/crypto/evp/bio_b64.c:43:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[B64_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/bio_b64.c:142:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, &(ctx->buf[ctx->buf_off]), i);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_b64.c:313:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, ctx->buf, i);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_b64.c:386:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_b64.c:403:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(ctx->tmp, in, n);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_enc.c:39:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[BUF_OFFSET + ENC_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/bio_enc.c:125:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, &(ctx->buf[ctx->buf_off]), i);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_enc.c:222:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, ctx->buf, i);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c:107:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[IOBS];
data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c:193:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, &(ctx->buf[ctx->buf_off]), i);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c:304:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&ctx->buf[ctx->buf_len], in, n);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c:464:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(ctx->buf[ctx->buf_len]), md_data, md_size);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c:485:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c:502:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(md_data, &(ctx->buf[ctx->buf_off]), md_size);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c:565:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/cmeth_lib.c:44:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(to, cipher, sizeof(*to));
data/openssl-3.0.0~~alpha4/crypto/evp/digest.c:485:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, sizeof(*out));
data/openssl-3.0.0~~alpha4/crypto/evp/digest.c:507:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out->md_data, in->md_data, out->digest->ctx_size);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:68:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    void (*stream) (const unsigned char *in,
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:69:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    unsigned char *out, size_t length,
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:71:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    const unsigned char iv[16]);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:109:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tag[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:110:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data_buf[16]; /* Store partial data blocks */
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:111:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char aad_buf[16];  /* Store partial AAD blocks */
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:248:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, iv, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:303:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:329:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:384:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(octx->iv, iv, octx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:580:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, iv, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:654:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:679:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:733:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(octx->iv, iv, octx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:804:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char k[32];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:819:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char cv[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:820:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char k[32];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:837:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char cv[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:838:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char k[32];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:855:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char reserved[12];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:858:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char b[4];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:862:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char b[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:864:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char h[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:871:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char k[32];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:885:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ares[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:886:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mres[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:887:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char kres[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:906:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char pad[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:918:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    unsigned char b[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:920:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char k[32];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:926:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char b[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:930:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char b[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:942:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char pad[140];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:971:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cctx->km.param.k, key, keylen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:993:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cctx->kmo.param.cv, iv, ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:994:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cctx->kmo.param.k, key, keylen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1054:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cctx->kmf.param.cv, iv, ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1055:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cctx->kmf.param.k, key, keylen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1119:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cctx->kmf.param.cv, iv, ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1120:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cctx->kmf.param.k, key, keylen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1215:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char b[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1308:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&ctx->kma.param.j0, iv, ctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1313:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->iv, iv, ctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1387:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1396:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, gctx->kma.param.t.b, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1402:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, ptr, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1414:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1432:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1446:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1457:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1494:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx_out->iv, gctx->iv, len);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1518:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&gctx->kma.param.k, key, keylen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1536:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, iv, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1585:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out + len, gctx->kma.param.t.b, EVP_GCM_TLS_TAG_LEN);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1611:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char *buf, tmp[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1695:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->aes.ccm.nonce.b + 1, nonce, 15 - ctx->aes.ccm.l);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1875:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, buf, EVP_CCM_TLS_EXPLICIT_IV_LEN);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1883:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ivec + EVP_CCM_TLS_FIXED_IV_LEN, in, EVP_CCM_TLS_EXPLICIT_IV_LEN);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1896:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out + len, cctx->aes.ccm.kmac_param.icv.b, cctx->aes.ccm.m);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1928:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(cctx->aes.ccm.kmac_param.k, key, keylen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:1942:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ivec, iv, 15 - cctx->aes.ccm.l);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2074:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2105:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(iv, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2130:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2144:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, cctx->aes.ccm.kmac_param.icv.b, cctx->aes.ccm.m);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2580:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(c->buf, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2588:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, c->buf, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2596:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, gctx->iv, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2602:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, ptr, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2613:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2625:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2637:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2646:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(c->buf, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2683:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:2760:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, iv, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3216:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3287:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3314:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(c), ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3333:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3405:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3421:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, EVP_CIPHER_CTX_buf_noconst(ctx),
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3424:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx) + EVP_CCM_TLS_FIXED_IV_LEN, in,
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3448:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char tag[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3516:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char tag[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3567:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, EVP_CIPHER_CTX_iv_length(ctx));
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3761:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(octx->tag, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3768:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, octx->tag, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3858:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(octx->iv, iv, octx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3911:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(buf + (*buf_len), in, len);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3915:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf + (*buf_len), in, remaining);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes.c:3965:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf, in, trailing_len);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:36:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char tls_aad[16]; /* 13 used */
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:59:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        const AES_KEY *key, unsigned char iv[16],
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:63:57:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           const AES_KEY *key, unsigned char iv[16],
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:166:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char storage[sizeof(SHA1_MB_CTX) + 32];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:201:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ciph_d[0].out - 16, IVs, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:202:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ciph_d[0].iv, IVs, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:208:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].out - 16, IVs, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:209:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].iv, IVs, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:214:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(blocks[0].c, key->md.data, 8);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:245:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:282:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:299:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(blocks[i].c, ptr, off);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:364:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:460:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out + aes_off, in + aes_off, plen - aes_off);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:482:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char c[32 + SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:494:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char c[SHA_CBLOCK];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:497:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char tail_iv[AES_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:507:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), in, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:518:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(tail_iv, in + len - 2 * AES_BLOCK_SIZE,
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:574:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ctx->iv, tail_iv, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:782:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char hmac_key[64];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:791:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(hmac_key, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha1.c:835:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(key->aux.tls_aad, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:36:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char tls_aad[16]; /* 13 used */
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:59:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                         const AES_KEY *key, unsigned char iv[16],
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:161:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char storage[sizeof(SHA256_MB_CTX) + 32];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:197:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ciph_d[0].out - 16, IVs, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:198:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ciph_d[0].iv, IVs, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:204:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].out - 16, IVs, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:205:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].iv, IVs, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:210:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(blocks[0].c, key->md.data, 8);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:244:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:281:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:298:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(blocks[i].c, ptr, off);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:375:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:489:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out + aes_off, in + aes_off, plen - aes_off);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:511:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char c[64 + SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:527:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char c[SHA256_CBLOCK];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:759:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char hmac_key[64];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:771:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(hmac_key, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aes_cbc_hmac_sha256.c:815:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(key->aux.tls_aad, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:240:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, iv, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:284:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:292:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, EVP_CIPHER_CTX_buf_noconst(c), arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:298:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, ptr, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:309:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(gctx->iv, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:322:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:335:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:344:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:382:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:525:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, 15 - cctx->L);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:554:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:581:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(c), ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:599:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(EVP_CIPHER_CTX_buf_noconst(c), ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:642:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, EVP_CIPHER_CTX_buf_noconst(ctx),
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:645:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx) + EVP_CCM_TLS_FIXED_IV_LEN, in,
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:667:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char tag[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_aria.c:735:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char tag[16];
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:27:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[CHACHA_BLK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:36:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           const unsigned char user_key[CHACHA_KEY_SIZE],
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:37:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           const unsigned char iv[CHACHA_CTR_SIZE], int enc)
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:154:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tag[POLY1305_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:155:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tls_aad[POLY1305_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:181:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char temp[CHACHA_CTR_SIZE] = { 0 };
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:185:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(temp + CHACHA_CTR_SIZE - actx->nonce_len, iv,
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:207:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char zero[4 * CHACHA_BLK_SIZE] = { 0 };
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:209:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char zero[2 * CHACHA_BLK_SIZE] = { 0 };
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:217:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char *buf, *tohash, *ctr, storage[sizeof(zero) + 32];
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:234:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tohash, actx->tls_aad, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:259:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tohash, actx->tls_aad, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:319:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctr, (unsigned char *)&actx->len, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:350:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, actx->tag, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:362:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char zero[CHACHA_BLK_SIZE] = { 0 };
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:433:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char temp[POLY1305_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:476:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out, actx->tag, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:562:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(actx->tag, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:570:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, actx->tag, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_chacha20_poly1305.c:580:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(actx->tls_aad, ptr, EVP_AEAD_TLS1_AAD_LEN);
data/openssl-3.0.0~~alpha4/crypto/evp/e_des.c:47:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        const DES_key_schedule *ks, unsigned char iv[8]);
data/openssl-3.0.0~~alpha4/crypto/evp/e_des.c:49:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        const DES_key_schedule *ks, unsigned char iv[8]);
data/openssl-3.0.0~~alpha4/crypto/evp/e_des.c:154:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[1], d[1];
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:51:69:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             const DES_key_schedule ks[3], unsigned char iv[8]);
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:53:69:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             const DES_key_schedule ks[3], unsigned char iv[8]);
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:172:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[1], d[1];
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:245:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&dat->ks3, &dat->ks1, sizeof(dat->ks1));
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:254:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&dat->ks3, &dat->ks1, sizeof(dat->ks1));
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:321:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char wrap_iv[8] =
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:327:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char icv[8], iv[8], sha1tmp[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:333:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), wrap_iv, 8);
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:373:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sha1tmp[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:380:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out + inl + 8, sha1tmp, 8);
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:385:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, EVP_CIPHER_CTX_iv_noconst(ctx), 8);
data/openssl-3.0.0~~alpha4/crypto/evp/e_des3.c:389:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), wrap_iv, 8);
data/openssl-3.0.0~~alpha4/crypto/evp/e_null.c:48:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inl);
data/openssl-3.0.0~~alpha4/crypto/evp/e_rc2.c:133:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/e_rc4_hmac_md5.c:118:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out + rc4_off, in + rc4_off, plen - rc4_off);
data/openssl-3.0.0~~alpha4/crypto/evp/e_rc4_hmac_md5.c:131:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char mac[MD5_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/e_rc4_hmac_md5.c:191:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char hmac_key[64];
data/openssl-3.0.0~~alpha4/crypto/evp/e_rc4_hmac_md5.c:200:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(hmac_key, ptr, arg);
data/openssl-3.0.0~~alpha4/crypto/evp/e_xcbc_d.c:64:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&data(ctx)->inw[0], &key[8], 8);
data/openssl-3.0.0~~alpha4/crypto/evp/e_xcbc_d.c:65:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&data(ctx)->outw[0], &key[16], 8);
data/openssl-3.0.0~~alpha4/crypto/evp/encode.c:48:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char data_bin2ascii[65] =
data/openssl-3.0.0~~alpha4/crypto/evp/encode.c:52:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char srpdata_bin2ascii[65] =
data/openssl-3.0.0~~alpha4/crypto/evp/encode.c:72:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char data_ascii2bin[128] = {
data/openssl-3.0.0~~alpha4/crypto/evp/encode.c:91:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char srpdata_ascii2bin[128] = {
data/openssl-3.0.0~~alpha4/crypto/evp/encode.c:139:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dctx, sctx, sizeof(EVP_ENCODE_CTX));
data/openssl-3.0.0~~alpha4/crypto/evp/encode.c:173:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(ctx->enc_data[ctx->num]), in, inl);
data/openssl-3.0.0~~alpha4/crypto/evp/encode.c:179:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(ctx->enc_data[ctx->num]), in, i);
data/openssl-3.0.0~~alpha4/crypto/evp/encode.c:210:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(ctx->enc_data[0]), in, inl);
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:338:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:339:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:346:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:500:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&(ctx->buf[i]), in, inl);
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:506:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&(ctx->buf[i]), in, j);
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:525:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->buf, &(in[inl]), i);
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:746:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, ctx->final, b);
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:762:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->final, &out[*outl], b);
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:1242:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, sizeof(*out));
data/openssl-3.0.0~~alpha4/crypto/evp/evp_enc.c:1251:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
data/openssl-3.0.0~~alpha4/crypto/evp/evp_key.c:22:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char prompt_string[80];
data/openssl-3.0.0~~alpha4/crypto/evp/evp_key.c:56:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[BUFSIZ];
data/openssl-3.0.0~~alpha4/crypto/evp/evp_key.c:84:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md_buf[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/evp_lib.c:181:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/evp_lib.c:694:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(to, md, sizeof(*to));
data/openssl-3.0.0~~alpha4/crypto/evp/evp_local.h:41:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
data/openssl-3.0.0~~alpha4/crypto/evp/evp_local.h:42:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
data/openssl-3.0.0~~alpha4/crypto/evp/evp_local.h:43:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */
data/openssl-3.0.0~~alpha4/crypto/evp/evp_local.h:52:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
data/openssl-3.0.0~~alpha4/crypto/evp/evp_local.h:229:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char enc_data[80];
data/openssl-3.0.0~~alpha4/crypto/evp/evp_pbe.c:95:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char obj_tmp[80];
data/openssl-3.0.0~~alpha4/crypto/evp/evp_pkey.c:26:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char obj_tmp[80];
data/openssl-3.0.0~~alpha4/crypto/evp/kdf_lib.c:71:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst, src, sizeof(*dst));
data/openssl-3.0.0~~alpha4/crypto/evp/keymgmt_lib.c:437:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mddefault[100] = "";
data/openssl-3.0.0~~alpha4/crypto/evp/keymgmt_lib.c:438:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mdmandatory[100] = "";
data/openssl-3.0.0~~alpha4/crypto/evp/m_sigver.c:48:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char locmdname[80] = "";     /* 80 chars should be enough */
data/openssl-3.0.0~~alpha4/crypto/evp/m_sigver.c:412:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/m_sigver.c:481:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/p5_crpt.c:29:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md_tmp[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/p5_crpt.c:30:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/p5_crpt.c:103:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(key, md_tmp, kl);
data/openssl-3.0.0~~alpha4/crypto/evp/p5_crpt.c:104:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, md_tmp + (16 - ivl), ivl);
data/openssl-3.0.0~~alpha4/crypto/evp/p5_crpt2.c:147:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/p_lib.c:1142:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char mdname[80] = "";
data/openssl-3.0.0~~alpha4/crypto/evp/p_lib.c:1462:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *str[2] = { NULL, NULL };
data/openssl-3.0.0~~alpha4/crypto/evp/p_lib.c:1832:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buffer[2048];
data/openssl-3.0.0~~alpha4/crypto/evp/p_seal.c:22:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[EVP_MAX_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/evp/p_sign.c:20:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char m[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/p_verify.c:20:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char m[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/evp/pkey_kdf.c:90:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy((*collector)->data + i, data, datalen);
data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_gn.c:229:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char curve_name[OSSL_MAX_NAME_SIZE] = "";
data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_lib.c:744:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[80] = "";
data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_lib.c:1056:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        value = dh_gen_type_id2name(atoi(value));
data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_lib.c:1061:42:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        value = ffc_named_group_from_uid(atoi(value));
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:109:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:133:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        static const unsigned char ggen[4] = { 0x67, 0x67, 0x65, 0x6e };
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:168:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:290:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:361:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf2[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:362:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:375:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, seed, qsize);
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:376:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf2, seed, qsize);
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:659:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(seed_tmp, seed, seedlen);
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:772:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seed[SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:773:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/ffc/ffc_params_generate.c:834:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(seed, seed_in, seed_len);
data/openssl-3.0.0~~alpha4/crypto/hmac/hm_ameth.c:95:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(priv, ASN1_STRING_get0_data(os), *len);
data/openssl-3.0.0~~alpha4/crypto/hmac/hmac.c:29:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char pad[HMAC_MAX_MD_CBLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/hmac/hmac.c:31:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char keytmp[HMAC_MAX_MD_CBLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/hmac/hmac.c:69:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(keytmp, key, len);
data/openssl-3.0.0~~alpha4/crypto/hmac/hmac.c:118:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/hmac/hmac.c:224:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/hmac/hmac.c:225:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char dummy_key[1] = {'\0'};
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:415:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char len_str[32];
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:416:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char str[32];
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:702:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char host_name[100];
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:907:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf[200];
data/openssl-3.0.0~~alpha4/crypto/idea/i_ofb64.c:32:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char d[8];
data/openssl-3.0.0~~alpha4/crypto/info.c:33:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char ossl_cpu_info_str[CPU_INFO_STR_LEN] = "";
data/openssl-3.0.0~~alpha4/crypto/info.c:105:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        static char seeds[512] = "";
data/openssl-3.0.0~~alpha4/crypto/md2/md2_dgst.c:96:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&(p[c->num]), data, MD2_BLOCK - c->num);
data/openssl-3.0.0~~alpha4/crypto/md2/md2_dgst.c:103:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&(p[c->num]), data, len);
data/openssl-3.0.0~~alpha4/crypto/md2/md2_dgst.c:118:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, data, len);
data/openssl-3.0.0~~alpha4/crypto/md2/md2_dgst.c:152:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(sp1, state, 16 * sizeof(MD2_INT));
data/openssl-3.0.0~~alpha4/crypto/md2/md2_one.c:28:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[MD2_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/md2/md2_one.c:38:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char temp[1024];
data/openssl-3.0.0~~alpha4/crypto/md4/md4_one.c:28:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[MD4_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/md4/md4_one.c:38:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char temp[1024];
data/openssl-3.0.0~~alpha4/crypto/md5/md5_one.c:28:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[MD5_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/md5/md5_one.c:38:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char temp[1024];
data/openssl-3.0.0~~alpha4/crypto/md5/md5_sha1.c:43:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char padtmp[48];
data/openssl-3.0.0~~alpha4/crypto/md5/md5_sha1.c:44:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md5tmp[MD5_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/md5/md5_sha1.c:45:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sha1tmp[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/mdc2/mdc2_one.c:23:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[MDC2_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/mdc2/mdc2dgst.c:53:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&(c->data[i]), in, len);
data/openssl-3.0.0~~alpha4/crypto/mdc2/mdc2dgst.c:59:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&(c->data[i]), in, j);
data/openssl-3.0.0~~alpha4/crypto/mdc2/mdc2dgst.c:71:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(c->data[0]), &(in[i]), j);
data/openssl-3.0.0~~alpha4/crypto/mdc2/mdc2dgst.c:129:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(md, (char *)c->h, MDC2_BLOCK);
data/openssl-3.0.0~~alpha4/crypto/mdc2/mdc2dgst.c:130:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(md[MDC2_BLOCK]), (char *)c->hh, MDC2_BLOCK);
data/openssl-3.0.0~~alpha4/crypto/mem.c:107:16:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    md_count = atol(md_failstring);
data/openssl-3.0.0~~alpha4/crypto/mem.c:109:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1);
data/openssl-3.0.0~~alpha4/crypto/mem.c:133:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[80];
data/openssl-3.0.0~~alpha4/crypto/mem.c:161:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        md_tracefd = atoi(cp);
data/openssl-3.0.0~~alpha4/crypto/mem.c:238:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ret, str, old_len);
data/openssl-3.0.0~~alpha4/crypto/mem_sec.c:462:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ((fd = open("/dev/zero", O_RDWR)) >= 0) {
data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c:24:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c:24:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c:26:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16], block128_f block)
data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c:72:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ivec, iv, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c:75:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c:75:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c:77:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16], block128_f block)
data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c:82:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char c[16];
data/openssl-3.0.0~~alpha4/crypto/modes/cbc128.c:117:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ivec, iv, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ccm128.c:62:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&ctx->nonce.c[1], nonce, 14 - L);
data/openssl-3.0.0~~alpha4/crypto/modes/ccm128.c:177:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(temp.c, inp, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ccm128.c:190:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, temp.c, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ccm128.c:260:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(temp.c, inp, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ccm128.c:263:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, scratch.c, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ccm128.c:440:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tag, ctx->cmac.c, M);
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:25:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:25:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:27:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16], int *num,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:145:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void cfbr_encrypt_block(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:145:66:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void cfbr_encrypt_block(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:147:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                               unsigned char ivec[16], int enc,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:151:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ovec[16 * 2 + 1]; /* +1 because we dereference (but don't
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:158:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovec, ivec, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:172:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ivec, ovec + num, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:181:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:181:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:183:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], int *num,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:187:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[1], d[1];
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:197:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:197:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cfb128.c:199:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], int *num,
data/openssl-3.0.0~~alpha4/crypto/modes/ctr128.c:77:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/ctr128.c:77:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/ctr128.c:79:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/crypto/modes/ctr128.c:80:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ecount_buf[16], unsigned int *num,
data/openssl-3.0.0~~alpha4/crypto/modes/ctr128.c:154:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/ctr128.c:154:68:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/ctr128.c:156:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/crypto/modes/ctr128.c:157:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 unsigned char ecount_buf[16],
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:27:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:28:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:29:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   const void *key, unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:50:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, out - 16, residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:51:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out - 16, ivec, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:56:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:57:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:59:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:82:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out - 16 + residue, ivec, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:87:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:87:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:89:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], cbc128_f cbc)
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:94:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char c[16];
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:111:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.c, out - 16, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:113:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, tmp.c, residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:116:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.c, in, residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:117:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, out - 16, residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:123:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:123:68:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:125:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 unsigned char ivec[16], cbc128_f cbc)
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:130:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char c[16];
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:152:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.c, in, residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:158:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:159:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:160:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   const void *key, unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:166:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char c[32];
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:185:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.c, tmp.c + 16, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:186:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.c, in + 16, residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:200:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:201:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:203:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:209:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char c[32];
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:232:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.c, tmp.c + 16, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:233:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.c, in, residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:248:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:248:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:250:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], cbc128_f cbc)
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:255:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char c[32];
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:278:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.c, in + 16, residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:283:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, tmp.c, 16 + residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:288:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:288:68:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:290:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 unsigned char ivec[16], cbc128_f cbc)
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:295:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char c[32];
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:322:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.c, in, residue);
data/openssl-3.0.0~~alpha4/crypto/modes/cts128.c:327:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, tmp.c, 16 + residue);
data/openssl-3.0.0~~alpha4/crypto/modes/gcm128.c:851:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->Yi.c, iv, 12);
data/openssl-3.0.0~~alpha4/crypto/modes/gcm128.c:1023:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->Xn, ctx->Xi.c, sizeof(ctx->Xi));
data/openssl-3.0.0~~alpha4/crypto/modes/gcm128.c:1258:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->Xn, ctx->Xi.c, sizeof(ctx->Xi));
data/openssl-3.0.0~~alpha4/crypto/modes/gcm128.c:1503:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->Xn, ctx->Xi.c, sizeof(ctx->Xi));
data/openssl-3.0.0~~alpha4/crypto/modes/gcm128.c:1667:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->Xn, ctx->Xi.c, sizeof(ctx->Xi));
data/openssl-3.0.0~~alpha4/crypto/modes/gcm128.c:1856:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->Xn + mres, &bitlen, sizeof(bitlen));
data/openssl-3.0.0~~alpha4/crypto/modes/gcm128.c:1877:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tag, ctx->Xi.c,
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:199:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest, src, sizeof(OCB128_CONTEXT));
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:209:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dest->l, src->l, (src->l_index + 1) * 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:220:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ktop[16], tmp[16], mask;
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:221:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char stretch[24], nonce[16];
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:238:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(nonce + 16 - len, iv, len);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:242:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp, nonce, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:247:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(stretch, ktop, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:289:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmp.c, aad, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:311:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmp.c, aad, last_len);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:358:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    (const unsigned char (*)[16])ctx->l, ctx->sess.checksum.c);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:371:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp.c, in, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:382:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, tmp.c, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:407:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(pad.c, in, last_len);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:450:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    (const unsigned char (*)[16])ctx->l, ctx->sess.checksum.c);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:463:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp.c, in, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:474:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, tmp.c, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:499:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(pad.c, out, last_len);
data/openssl-3.0.0~~alpha4/crypto/modes/ocb128.c:527:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tag, &tmp, len);
data/openssl-3.0.0~~alpha4/crypto/modes/ofb128.c:25:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/ofb128.c:25:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/modes/ofb128.c:27:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16], int *num, block128_f block)
data/openssl-3.0.0~~alpha4/crypto/modes/siv128.c:109:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&t, in + (len-SIV_LEN), SIV_LEN);
data/openssl-3.0.0~~alpha4/crypto/modes/siv128.c:115:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&t, in, len);
data/openssl-3.0.0~~alpha4/crypto/modes/siv128.c:169:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char zero[SIV_LEN] = { 0 };
data/openssl-3.0.0~~alpha4/crypto/modes/siv128.c:216:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&dest->d, &src->d, sizeof(src->d));
data/openssl-3.0.0~~alpha4/crypto/modes/siv128.c:272:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->tag.byte, &q, SIV_LEN);
data/openssl-3.0.0~~alpha4/crypto/modes/siv128.c:298:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&q, ctx->tag.byte, SIV_LEN);
data/openssl-3.0.0~~alpha4/crypto/modes/siv128.c:335:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->tag.byte, tag, len);
data/openssl-3.0.0~~alpha4/crypto/modes/siv128.c:348:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tag, ctx->tag.byte, len);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:53:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char *A, B[16], *R;
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:63:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(A, iv, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:68:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(B + 8, R, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:76:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(R, B + 8, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:79:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, A, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:104:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char *A, B[16], *R;
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:111:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(A, in, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:122:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(B + 8, R, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:124:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(R, B + 8, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:127:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, A, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:155:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char got_iv[8];
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:198:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char aiv[8];
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:207:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(aiv, default_aiv, 4);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:209:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(aiv, icv, 4);    /* Standard doesn't mention this. */
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:223:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, aiv, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:262:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char aiv[8];
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:263:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char zeros[8] = { 0x0 };
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:277:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char buff[16];
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:280:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(aiv, buff, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/wrap128.c:282:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, buff + 8, 8);
data/openssl-3.0.0~~alpha4/crypto/modes/xts128.c:23:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                          const unsigned char iv[16],
data/openssl-3.0.0~~alpha4/crypto/modes/xts128.c:43:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tweak.c, iv, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/xts128.c:52:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(scratch.c, inp, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/xts128.c:63:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, scratch.c, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/xts128.c:107:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out - 16, scratch.c, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/xts128.c:135:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(scratch.c, inp, 16);
data/openssl-3.0.0~~alpha4/crypto/modes/xts128.c:157:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, scratch.c, 16);
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:57:15:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    if ((sz = MultiByteToWideChar(CP_UTF8, (flags = MB_ERR_INVALID_CHARS),
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:60:16:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
         (sz = MultiByteToWideChar(CP_UTF8, (flags = 0),
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:66:13:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
        if (MultiByteToWideChar(CP_UTF8, flags,
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:68:13:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
            MultiByteToWideChar(CP_UTF8, 0, mode, strlen(mode) + 1,
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:77:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            file = fopen(filename, mode);
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:80:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        file = fopen(filename, mode);
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:109:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        file = fopen(filename, mode);
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:114:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen(filename, mode);
data/openssl-3.0.0~~alpha4/crypto/o_str.c:42:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ret, str, maxlen);
data/openssl-3.0.0~~alpha4/crypto/o_str.c:60:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    return memcpy(ret, data, siz);
data/openssl-3.0.0~~alpha4/crypto/o_time.c:37:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(result, ts2, sizeof(struct tm));
data/openssl-3.0.0~~alpha4/crypto/o_time.c:53:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(result, ts, sizeof(struct tm));
data/openssl-3.0.0~~alpha4/crypto/objects/obj_dat.c:414:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[DECIMAL_SIZE(i) + DECIMAL_SIZE(l) + 2];
data/openssl-3.0.0~~alpha4/crypto/objects/obj_dat.c:641:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[512];
data/openssl-3.0.0~~alpha4/crypto/objects/obj_dat.h:13:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char so[7845] = {
data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_ext.c:271:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmpval, val, len);
data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_lib.c:50:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_srv.c:270:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_srv.c:311:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char md[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_vfy.c:177:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmphash[SHA_DIGEST_LENGTH], *keyhash;
data/openssl-3.0.0~~alpha4/crypto/ocsp/ocsp_vfy.c:288:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/ocsp/v3_ocsp.c:179:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(*pp, os->data, os->length);
data/openssl-3.0.0~~alpha4/crypto/packet.c:447:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dest, src, len);
data/openssl-3.0.0~~alpha4/crypto/param_build.c:100:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&pd->num, num, size);
data/openssl-3.0.0~~alpha4/crypto/param_build.c:344:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(p, pd->string, pd->size);
data/openssl-3.0.0~~alpha4/crypto/param_build.c:352:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(p, &pd->num, pd->size);
data/openssl-3.0.0~~alpha4/crypto/params.c:831:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(q, p->data, sz);
data/openssl-3.0.0~~alpha4/crypto/params.c:836:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*val, p->data, sz);
data/openssl-3.0.0~~alpha4/crypto/params.c:862:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p->data, val, len);
data/openssl-3.0.0~~alpha4/crypto/params_from_text.c:151:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(buf, value, buf_n);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_info.c:262:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:40:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, userdata, i);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:318:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:319:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[EVP_MAX_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:320:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:418:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[EVP_MAX_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:419:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:691:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:778:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*name, linebuf + BEGINLEN, len);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_pk8.c:121:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/crypto/pem/pem_pk8.c:168:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char psbuf[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/crypto/pem/pem_pkey.c:97:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pem_str[80];
data/openssl-3.0.0~~alpha4/crypto/pem/pem_pkey.c:133:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pem_str[80];
data/openssl-3.0.0~~alpha4/crypto/pem/pvkfmt.c:213:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hdr_buf[16], *buf = NULL;
data/openssl-3.0.0~~alpha4/crypto/pem/pvkfmt.c:690:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char keybuf[20];
data/openssl-3.0.0~~alpha4/crypto/pem/pvkfmt.c:694:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char psbuf[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/crypto/pem/pvkfmt.c:714:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(enctmp, p, 8);
data/openssl-3.0.0~~alpha4/crypto/pem/pvkfmt.c:759:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char pvk_hdr[24], *buf = NULL;
data/openssl-3.0.0~~alpha4/crypto/pem/pvkfmt.c:835:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char psbuf[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/crypto/pem/pvkfmt.c:836:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char keybuf[20];
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_crpt.c:27:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_crt.c:44:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char keyid[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_key.c:127:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, Ai, min(n, u));
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_mutl.c:60:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[96];
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_mutl.c:70:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(key, out + sizeof(out) - TK26_MAC_KEY_LEN, TK26_MAC_KEY_LEN);
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_mutl.c:87:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[EVP_MAX_MD_SIZE], *salt;
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_mutl.c:158:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mac[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_mutl.c:185:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mac[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_mutl.c:243:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p12->mac->salt->data, salt, saltlen);
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_npas.c:69:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mac[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_doit.c:276:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char key[EVP_MAX_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_doit.c:277:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_doit.c:620:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md_data[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_doit.c:780:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char md_data[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/pkcs7/pk7_doit.c:1035:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:134:53:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void poly1305_init(void *ctx, const unsigned char key[16])
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:214:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void poly1305_emit(void *ctx, unsigned char mac[16],
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:272:53:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void poly1305_init(void *ctx, const unsigned char key[16])
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:380:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void poly1305_emit(void *ctx, unsigned char mac[16],
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:427:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int poly1305_init(void *ctx, const unsigned char key[16], void *func);
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:430:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void poly1305_emit(void *ctx, unsigned char mac[16],
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:434:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void Poly1305_Init(POLY1305 *ctx, const unsigned char key[32])
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:485:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->data + num, inp, rem);
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:491:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->data + num, inp, len);
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:506:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->data, inp, rem);
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305.c:511:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16])
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305_ameth.c:82:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(priv, ASN1_STRING_get0_data(os), ASN1_STRING_length(os));
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305_base2_44.c:57:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int poly1305_init(void *ctx, const unsigned char key[16])
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305_base2_44.c:135:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void poly1305_emit(void *ctx, unsigned char mac[16], const u32 nonce[4])
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305_ieee754.c:110:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int poly1305_init(void *ctx, const unsigned char key[16])
data/openssl-3.0.0~~alpha4/crypto/poly1305/poly1305_ieee754.c:430:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void poly1305_emit(void *ctx, unsigned char mac[16], const u32 nonce[4])
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:92:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32_int(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:92:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32_int(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:95:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32_vmx(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:95:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32_vmx(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:98:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32_vsx(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:98:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32_vsx(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:101:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:101:56:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:114:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void poly1305_init_int(void *ctx, const unsigned char key[16]);
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:117:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void poly1305_emit(void *ctx, unsigned char mac[16],
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:119:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void poly1305_init_fpu(void *ctx, const unsigned char key[16]);
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:122:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void poly1305_emit_fpu(void *ctx, unsigned char mac[16],
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:124:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void poly1305_init_vsx(void *ctx, const unsigned char key[16]);
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:127:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void poly1305_emit_vsx(void *ctx, unsigned char mac[16],
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:129:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int poly1305_init(void *ctx, const unsigned char key[16], void *func[2]);
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:130:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int poly1305_init(void *ctx, const unsigned char key[16], void *func[2])
data/openssl-3.0.0~~alpha4/crypto/ppccap.c:274:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        if (uname(&uts) != 0 || atoi(uts.version) < 6)
data/openssl-3.0.0~~alpha4/crypto/property/defn_cache.c:27:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char body[1];
data/openssl-3.0.0~~alpha4/crypto/property/defn_cache.c:109:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p->body, prop, len + 1);
data/openssl-3.0.0~~alpha4/crypto/property/property.c:48:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char body[1];
data/openssl-3.0.0~~alpha4/crypto/property/property.c:550:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy((char *)p->query, prop_query, len + 1);
data/openssl-3.0.0~~alpha4/crypto/property/property_parse.c:86:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[100];
data/openssl-3.0.0~~alpha4/crypto/property/property_parse.c:193:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char v[1000];
data/openssl-3.0.0~~alpha4/crypto/property/property_parse.c:224:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char v[1000];
data/openssl-3.0.0~~alpha4/crypto/property/property_parse.c:584:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(r->properties + n, copy, sizeof(r->properties[0]));
data/openssl-3.0.0~~alpha4/crypto/property/property_string.c:31:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char body[1];
data/openssl-3.0.0~~alpha4/crypto/property/property_string.c:119:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ps->body, s, l + 1);
data/openssl-3.0.0~~alpha4/crypto/provider_conf.c:43:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[512];
data/openssl-3.0.0~~alpha4/crypto/rand/drbg_lib.c:112:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static int get_drbg_params(int type, unsigned int flags, const char **name,
data/openssl-3.0.0~~alpha4/crypto/rand/rand_egd.c:51:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sun_path[108];         /* path name (gag) */
data/openssl-3.0.0~~alpha4/crypto/rand/rand_egd.c:62:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tempbuf[255];
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:34:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#  define open    _open
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:65:60:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        (__FILE_ptr32 (*)(const char *, const char *, ...))fopen;
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:86:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[RAND_LOAD_BUF_SIZE];
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:176:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[RAND_BUF_SIZE];
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:203:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        int fd = open(file, O_WRONLY | O_CREAT | O_BINARY, 0600);
data/openssl-3.0.0~~alpha4/crypto/rc2/rc2_skey.c:19:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char key_table[256] = {
data/openssl-3.0.0~~alpha4/crypto/rc2/rc2ofb64.c:31:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char d[8];
data/openssl-3.0.0~~alpha4/crypto/rc5/rc5ofb64.c:31:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char d[8];
data/openssl-3.0.0~~alpha4/crypto/ripemd/rmd_one.c:24:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[RIPEMD160_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_gen.c:477:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char plaintxt[16] = {0};
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_gen.c:478:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char decoded[256];
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_lib.c:988:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[80] = "";
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_lib.c:1133:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[80] = "";
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_meth.c:51:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ret, meth, sizeof(*meth));
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_none.c:33:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(to, from, (unsigned int)flen);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_none.c:47:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(to + tlen - flen, from, flen);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_oaep.c:67:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seedmask[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_oaep.c:106:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(db + emlen - flen - mdlen, from, (unsigned int)flen);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_oaep.c:338:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cnt[4];
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_oaep.c:340:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_oaep.c:368:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(mask + outlen, md, len - outlen);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_ossl.c:501:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(to, buf, (r = j));
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_ossl.c:606:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(to, buf, (r = i));
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pk1.c:50:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, from, (unsigned int)flen);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pk1.c:122:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(to, p, (unsigned int)j);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pk1.c:161:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, from, (unsigned int)flen);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pk1.c:308:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pmeth.c:165:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(rctx->tbuf, tbs, tbslen);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pmeth.c:227:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(rout, rctx->tbuf, ret);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pmeth.c:640:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            saltlen = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pmeth.c:645:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int nbits = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pmeth.c:663:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int nprimes = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pmeth.c:684:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            int saltlen = atoi(value);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pss.c:48:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char H_[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_pss.c:311:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(to, from, sizeof(*to));
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_sign.c:265:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dig_info, di_prefix, di_prefix_len);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_sign.c:266:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dig_info + di_prefix_len, m, m_len);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_sign.c:370:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(rm, decrypt_buf, SSL_SIG_LENGTH);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_sign.c:390:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(rm, decrypt_buf + 2, 16);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_sign.c:436:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(rm, m, m_len);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_ssl.c:59:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, from, (unsigned int)flen);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_x931.c:53:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, from, (unsigned int)flen);
data/openssl-3.0.0~~alpha4/crypto/rsa/rsa_x931.c:99:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(to, p, (unsigned int)j);
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:33:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void s390x_flip_endian32(unsigned char dst[32], const unsigned char src[32]);
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:33:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void s390x_flip_endian32(unsigned char dst[32], const unsigned char src[32]);
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:34:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void s390x_flip_endian64(unsigned char dst[64], const unsigned char src[64]);
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:34:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void s390x_flip_endian64(unsigned char dst[64], const unsigned char src[64]);
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:36:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int s390x_x25519_mul(unsigned char u_dst[32],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:37:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                     const unsigned char u_src[32],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:38:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                     const unsigned char d_src[32]);
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:39:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int s390x_x448_mul(unsigned char u_dst[56],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:40:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                   const unsigned char u_src[56],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:41:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                   const unsigned char d_src[56]);
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:42:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int s390x_ed25519_mul(unsigned char x_dst[32],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:43:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      unsigned char y_dst[32],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:44:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      const unsigned char x_src[32],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:45:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      const unsigned char y_src[32],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:46:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      const unsigned char d_src[32]);
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:47:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int s390x_ed448_mul(unsigned char x_dst[57],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:48:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    unsigned char y_dst[57],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:49:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    const unsigned char x_src[57],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:50:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    const unsigned char y_src[57],
data/openssl-3.0.0~~alpha4/crypto/s390x_arch.h:51:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    const unsigned char d_src[57]);
data/openssl-3.0.0~~alpha4/crypto/s390xcap.c:56:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(cap, &NAME, sizeof(*cap));                           \
data/openssl-3.0.0~~alpha4/crypto/s390xcap.c:670:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *tok_begin, *tok_end, *buff, tok[S390X_STFLE_MAX][LEN + 1];
data/openssl-3.0.0~~alpha4/crypto/seed/seed.c:332:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char SEED_Sbox[2][256] = {
data/openssl-3.0.0~~alpha4/crypto/seed/seed.c:446:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
data/openssl-3.0.0~~alpha4/crypto/seed/seed.c:505:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/crypto/seed/seed.c:506:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                  unsigned char d[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/crypto/seed/seed.c:550:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/crypto/seed/seed.c:551:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                  unsigned char d[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/crypto/seed/seed_cbc.c:19:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/seed/seed_cbc.c:19:57:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/seed/seed_cbc.c:21:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      unsigned char ivec[SEED_BLOCK_SIZE], int enc)
data/openssl-3.0.0~~alpha4/crypto/seed/seed_cfb.c:19:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/seed/seed_cfb.c:19:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/seed/seed_cfb.c:21:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                         unsigned char ivec[SEED_BLOCK_SIZE], int *num,
data/openssl-3.0.0~~alpha4/crypto/seed/seed_ofb.c:19:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/seed/seed_ofb.c:19:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/crypto/seed/seed_ofb.c:21:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                         unsigned char ivec[SEED_BLOCK_SIZE], int *num)
data/openssl-3.0.0~~alpha4/crypto/sha/keccak1600.c:79:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char rhotates[5][5] = {
data/openssl-3.0.0~~alpha4/crypto/sha/keccak1600.c:1161:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char test[168] = { '\xf3', '\x3' };
data/openssl-3.0.0~~alpha4/crypto/sha/keccak1600.c:1162:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[512];
data/openssl-3.0.0~~alpha4/crypto/sha/keccak1600.c:1164:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char result[512] = {
data/openssl-3.0.0~~alpha4/crypto/sha/sha1_one.c:24:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/sha/sha1dgst.c:30:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char padtmp[40];
data/openssl-3.0.0~~alpha4/crypto/sha/sha1dgst.c:31:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sha1tmp[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/sha/sha256.c:58:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[SHA224_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/sha/sha256.c:72:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/sha/sha3.c:58:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->buf + num, inp, len);
data/openssl-3.0.0~~alpha4/crypto/sha/sha3.c:67:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->buf + num, inp, rem);
data/openssl-3.0.0~~alpha4/crypto/sha/sha3.c:80:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->buf, inp + len - rem, rem);
data/openssl-3.0.0~~alpha4/crypto/sha/sha512.c:299:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p + c->num, data, len), c->num += (unsigned int)len;
data/openssl-3.0.0~~alpha4/crypto/sha/sha512.c:302:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p + c->num, data, n), c->num = 0;
data/openssl-3.0.0~~alpha4/crypto/sha/sha512.c:312:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(p, data, sizeof(c->u)),
data/openssl-3.0.0~~alpha4/crypto/sha/sha512.c:322:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, data, len), c->num = (int)len;
data/openssl-3.0.0~~alpha4/crypto/sha/sha512.c:344:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[SHA384_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/sha/sha512.c:358:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[SHA512_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/siphash/siphash.c:163:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&ctx->leavings[ctx->len], in, inlen);
data/openssl-3.0.0~~alpha4/crypto/siphash/siphash.c:169:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&ctx->leavings[ctx->len], in, available);
data/openssl-3.0.0~~alpha4/crypto/siphash/siphash.c:193:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->leavings, end, left);
data/openssl-3.0.0~~alpha4/crypto/siphash/siphash_ameth.c:84:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(priv, ASN1_STRING_get0_data(os), ASN1_STRING_length(os));
data/openssl-3.0.0~~alpha4/crypto/siphash/siphash_local.h:22:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char leavings[SIPHASH_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/crypto/sm2/sm2_pmeth.c:75:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dctx->id, sctx->id, sctx->id_len);
data/openssl-3.0.0~~alpha4/crypto/sm2/sm2_pmeth.c:194:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tmp_id, p2, p1);
data/openssl-3.0.0~~alpha4/crypto/sm2/sm2_pmeth.c:207:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p2, smctx->id, smctx->id_len);
data/openssl-3.0.0~~alpha4/crypto/srp/srp_lib.c:26:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/srp/srp_lib.c:143:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char dig[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:138:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char pad[2] = {0, 0};
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:228:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[MAX_LEN];
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:314:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[MAX_LEN];
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:552:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digv[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:553:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digs[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:609:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[MAX_LEN];
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:610:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp2[MAX_LEN];
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:715:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp2[MAX_LEN];
data/openssl-3.0.0~~alpha4/crypto/stack/stack.c:65:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ret->data, sk->data, sizeof(void *) * sk->num);
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:229:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char tpass[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:354:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char kbuf[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:799:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char search_name[9];
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:838:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char peekbuf[4096] = { 0, };
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:955:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char errbuf[256];
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:1239:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char peekbuf[16] = { 0, };
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:1278:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char peekbuf[24] = { 0, };
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:1435:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char errbuf[256];
data/openssl-3.0.0~~alpha4/crypto/store/store_lib.c:46:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char scheme_copy[256], *p, *schemes[2];
data/openssl-3.0.0~~alpha4/crypto/store/store_lib.c:81:34:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            loader_ctx = loader->open(loader, uri, ui_method, ui_data);
data/openssl-3.0.0~~alpha4/crypto/store/store_lib.c:543:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf1[20], buf2[20];
data/openssl-3.0.0~~alpha4/crypto/store/store_local.h:104:24:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    OSSL_STORE_open_fn open;
data/openssl-3.0.0~~alpha4/crypto/trace.c:190:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    (const char *)data, trace_categories[category].name);
data/openssl-3.0.0~~alpha4/crypto/trace.c:194:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    (const char *)data, trace_categories[category].name);
data/openssl-3.0.0~~alpha4/crypto/trace.c:211:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    (const char *)data, trace_categories[category].name);
data/openssl-3.0.0~~alpha4/crypto/trace.c:215:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    (const char *)data, trace_categories[category].name);
data/openssl-3.0.0~~alpha4/crypto/trace.c:362:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    (const char *)data, trace_categories[category].name);
data/openssl-3.0.0~~alpha4/crypto/trace.c:366:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    (const char *)data, trace_categories[category].name);
data/openssl-3.0.0~~alpha4/crypto/ts/ts_conf.c:396:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                secs = atoi(val->value);
data/openssl-3.0.0~~alpha4/crypto/ts/ts_conf.c:399:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                millis = atoi(val->value);
data/openssl-3.0.0~~alpha4/crypto/ts/ts_conf.c:402:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                micros = atoi(val->value);
data/openssl-3.0.0~~alpha4/crypto/ts/ts_lib.c:40:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char obj_txt[128];
data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_sign.c:762:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_verify.c:102:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[4096];
data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_verify.c:378:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char failure_text[TS_STATUS_BUF_SIZE] = "";
data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_verify.c:409:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(failure_text, "unspecified");
data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_verify.c:448:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buffer[4096];
data/openssl-3.0.0~~alpha4/crypto/ts/ts_verify_ctx.c:133:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ret->imprint, ASN1_STRING_get0_data(msg), ret->imprint_len);
data/openssl-3.0.0~~alpha4/crypto/ui/ui_lib.c:890:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize) + 1];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_lib.c:891:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize) + 1];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_lib.c:919:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(uis->result_buf, result, len);
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:264:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[SIZE + 1];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:280:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char result[BUFSIZ];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:382:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((tty_out = fopen("conout$", "w")) == NULL)
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:389:23:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ((tty_in = fopen("conin$", "r")) == NULL)
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:398:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:400:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:458:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char tmp_num[10];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:472:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char tmp_num[12];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:493:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:509:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char tmp_num[2][12];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:535:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:547:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char tmp_num[2][12];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:578:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char tmp_num[12];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_util.c:22:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[BUFSIZ];
data/openssl-3.0.0~~alpha4/crypto/ui/ui_util.c:107:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char result[PEM_BUFSIZE + 1];
data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_block.c:526:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(K.q, L, 64);
data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_block.c:533:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(S.q, L, 64);
data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_block.c:542:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(S.c, p, 64);
data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_dgst.c:127:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(c->data + byteoff, inp, bitrem);
data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_dgst.c:132:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(c->data + byteoff, inp, bits / 8);
data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_dgst.c:246:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(md, c->H.c, WHIRLPOOL_DIGEST_LENGTH);
data/openssl-3.0.0~~alpha4/crypto/whrlpool/wp_dgst.c:256:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char m[WHIRLPOOL_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/x509/t_x509.c:231:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char SHA1md[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/x509/t_x509.c:336:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char oidstr[80], first;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:111:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(addr, bs->data, bs->length);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:136:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char addr[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:285:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:492:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[3];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:690:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:691:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:813:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:814:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:858:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:910:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char min[ADDR_RAW_BUF_LEN], max[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:1101:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char p_min[ADDR_RAW_BUF_LEN], p_max[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_addr.c:1102:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c_min[ADDR_RAW_BUF_LEN], c_max[ADDR_RAW_BUF_LEN];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_admis.c:93:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char objbuf[128];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_admis.c:193:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char objbuf[128];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_alt.c:85:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char othername[300];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_alt.c:86:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char oline[256], *tmp;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_extku.c:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char obj_tmp[80];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_ia5.c:38:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp, ia5->data, ia5->length);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_info.c:70:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char objtmp[80], *ntmp;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_pci.c:144:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(&(*policy)->data[(*policy)->length],
data/openssl-3.0.0~~alpha4/crypto/x509/v3_pci.c:163:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char buf[2048];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_pci.c:191:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(&(*policy)->data[(*policy)->length], buf, n);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_pci.c:208:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(&(*policy)->data[(*policy)->length],
data/openssl-3.0.0~~alpha4/crypto/x509/v3_pmaps.c:56:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char obj_tmp1[80];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_pmaps.c:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char obj_tmp2[80];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_skey.c:62:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char pkey_dig[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utf8.c:43:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp, utf8->data, utf8->length);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:967:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ipout[16];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:980:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[40], *out;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:1008:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ipout[16];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:1032:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ipout[32];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:1105:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[16];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:1163:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(v6, v6stat.tmp, v6stat.zero_pos);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:1168:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:1172:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(v6, v6stat.tmp, 16);
data/openssl-3.0.0~~alpha4/crypto/x509/x509_cmp.c:43:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[16];
data/openssl-3.0.0~~alpha4/crypto/x509/x509_cmp.c:200:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/crypto/x509/x509_cmp.c:225:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[16];
data/openssl-3.0.0~~alpha4/crypto/x509/x509_obj.c:35:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const char hex[17] = "0123456789ABCDEF";
data/openssl-3.0.0~~alpha4/crypto/x509/x509_obj.c:37:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp_buf[80];
data/openssl-3.0.0~~alpha4/crypto/x509/x509_obj.c:39:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ebcdic_buf[1024];
data/openssl-3.0.0~~alpha4/crypto/x509/x509_obj.c:137:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, s, (unsigned int)l1);
data/openssl-3.0.0~~alpha4/crypto/x509/x509_vfy.c:2662:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mdbuf[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/x509/x509_vpm.c:254:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmp, src, srclen);
data/openssl-3.0.0~~alpha4/crypto/x509/x509_vpm.c:476:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ipout[16];
data/openssl-3.0.0~~alpha4/crypto/x509/x509name.c:47:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, data->data, i);
data/openssl-3.0.0~~alpha4/crypto/x509/x_all.c:454:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
data/openssl-3.0.0~~alpha4/crypto/x509/x_all.c:465:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/crypto/x509/x_all.c:498:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(md, data->sha1_hash, sizeof(data->sha1_hash));
data/openssl-3.0.0~~alpha4/crypto/x509/x_name.c:182:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(nm.x->bytes->data, q, p - q);
data/openssl-3.0.0~~alpha4/crypto/x509/x_name.c:230:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(*out, a->bytes->data, ret);
data/openssl-3.0.0~~alpha4/crypto/x509/x_pubkey.c:296:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(*pp, buf->data, ret);
data/openssl-3.0.0~~alpha4/demos/bio/client-arg.c:18:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpbuf[1024];
data/openssl-3.0.0~~alpha4/demos/bio/client-conf.c:19:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpbuf[1024];
data/openssl-3.0.0~~alpha4/demos/bio/saccept.c:54:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[512];
data/openssl-3.0.0~~alpha4/demos/bio/sconnect.c:35:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024 * 10], *p;
data/openssl-3.0.0~~alpha4/demos/bio/server-arg.c:29:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[512];
data/openssl-3.0.0~~alpha4/demos/bio/server-cmod.c:24:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[512];
data/openssl-3.0.0~~alpha4/demos/bio/server-conf.c:35:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[512];
data/openssl-3.0.0~~alpha4/demos/evp/aesccm.c:54:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char outbuf[1024];
data/openssl-3.0.0~~alpha4/demos/evp/aesccm.c:91:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char outbuf[1024];
data/openssl-3.0.0~~alpha4/demos/evp/aesgcm.c:54:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char outbuf[1024];
data/openssl-3.0.0~~alpha4/demos/evp/aesgcm.c:86:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char outbuf[1024];
data/openssl-3.0.0~~alpha4/demos/pkcs12/pkread.c:63:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(argv[1], "rb")) == NULL) {
data/openssl-3.0.0~~alpha4/demos/pkcs12/pkread.c:81:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(argv[3], "w")) == NULL) {
data/openssl-3.0.0~~alpha4/demos/pkcs12/pkwrite.c:30:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(argv[1], "r")) == NULL) {
data/openssl-3.0.0~~alpha4/demos/pkcs12/pkwrite.c:44:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen(argv[4], "wb")) == NULL) {
data/openssl-3.0.0~~alpha4/e_os.h:262:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#   define open _open
data/openssl-3.0.0~~alpha4/engines/e_afalg.c:348:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(CMSG_DATA(cmsg), &op, ALG_OP_LEN);
data/openssl-3.0.0~~alpha4/engines/e_afalg.c:361:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(aiv->iv, iv, len);
data/openssl-3.0.0~~alpha4/engines/e_afalg.c:433:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cbuf[CMSG_SPACE(ALG_IV_LEN(ALG_AES_IV_LEN)) + CMSG_SPACE(ALG_OP_LEN)];
data/openssl-3.0.0~~alpha4/engines/e_afalg.c:587:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nxtiv[ALG_AES_IV_LEN] = { 0 };
data/openssl-3.0.0~~alpha4/engines/e_afalg.c:607:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(nxtiv, in + (inl - ALG_AES_IV_LEN), ALG_AES_IV_LEN);
data/openssl-3.0.0~~alpha4/engines/e_afalg.c:624:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), out + (inl - ALG_AES_IV_LEN),
data/openssl-3.0.0~~alpha4/engines/e_afalg.c:627:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), nxtiv, ALG_AES_IV_LEN);
data/openssl-3.0.0~~alpha4/engines/e_afalg.c:799:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        kver[i] = atoi(str);
data/openssl-3.0.0~~alpha4/engines/e_capi.c:668:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char magstr[10];
data/openssl-3.0.0~~alpha4/engines/e_capi.c:714:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char magstr[10];
data/openssl-3.0.0~~alpha4/engines/e_capi.c:761:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char algstr[10];
data/openssl-3.0.0~~alpha4/engines/e_capi.c:868:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char algstr[10];
data/openssl-3.0.0~~alpha4/engines/e_capi.c:950:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char errstr[10];
data/openssl-3.0.0~~alpha4/engines/e_capi.c:975:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(to, tmpbuf, (flen = (int)dlen));
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1003:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char csigbuf[40];
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1104:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errstr[10];
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1207:21:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
        if ((clen = MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1,
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1210:13:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
            MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, (WCHAR *)cspname,
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1573:24:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
            if ((len = MultiByteToWideChar(CP_ACP, 0, id, -1, NULL, 0)) &&
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1575:18:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
                 MultiByteToWideChar(CP_ACP, 0, id, -1, contname, len)) &&
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1576:24:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
                (len = MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1,
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1579:18:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
                 MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1,
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1644:20:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
        if ((len = MultiByteToWideChar(CP_ACP, 0, pname, -1, NULL, 0))) {
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1646:13:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
            MultiByteToWideChar(CP_ACP, 0, pname, -1, (WCHAR *)name, len);
data/openssl-3.0.0~~alpha4/engines/e_dasync.c:157:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tlsaad[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN];
data/openssl-3.0.0~~alpha4/engines/e_dasync.c:611:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(pipe_ctx->tlsaad[pipe_ctx->aadctr], ptr,
data/openssl-3.0.0~~alpha4/engines/e_devcrypto.c:98:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char partial[EVP_MAX_BLOCK_LENGTH];
data/openssl-3.0.0~~alpha4/engines/e_devcrypto.c:226:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char saved_iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/engines/e_devcrypto.c:248:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(saved_iv, ivptr, ivlen);
data/openssl-3.0.0~~alpha4/engines/e_devcrypto.c:277:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(iv, ivptr, ivlen);
data/openssl-3.0.0~~alpha4/engines/e_devcrypto.c:627:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest_res[HASH_MAX_LEN];
data/openssl-3.0.0~~alpha4/engines/e_devcrypto.c:759:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(md, digest_ctx->digest_res, EVP_MD_CTX_size(ctx));
data/openssl-3.0.0~~alpha4/engines/e_devcrypto.c:1175:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((cfd = open("/dev/crypto", O_RDWR, 0)) < 0) {
data/openssl-3.0.0~~alpha4/engines/e_ossltest.c:610:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmpbuf, in, inl);
data/openssl-3.0.0~~alpha4/engines/e_ossltest.c:617:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, tmpbuf, inl);
data/openssl-3.0.0~~alpha4/engines/e_ossltest.c:641:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmpbuf, in, inl);
data/openssl-3.0.0~~alpha4/engines/e_ossltest.c:648:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, tmpbuf, inl);
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:75:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char padlock_name[100];
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:176:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE]; /* Initialization vector */
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:304:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cdata->iv, EVP_CIPHER_CTX_iv(ctx), AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:306:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), cdata->iv, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:340:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cdata->iv, EVP_CIPHER_CTX_iv(ctx), AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:376:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), cdata->iv, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:408:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cdata->iv, EVP_CIPHER_CTX_iv(ctx), AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:431:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), cdata->iv, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:441:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->iv, ivec, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/engines/e_padlock.c:615:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(cdata->ks.rd_key, key, AES_KEY_SIZE_128);
data/openssl-3.0.0~~alpha4/fuzz/server.c:625:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char early_buf[16384];
data/openssl-3.0.0~~alpha4/fuzz/test-corpus.c:48:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen(pathname, "rb");
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:31:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:31:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:33:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char ivec[16], int enc);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:34:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:34:67:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:36:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                const unsigned char ivec[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:37:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:37:59:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:39:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       const AES_KEY *key2, const unsigned char iv[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:40:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:40:59:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:42:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       const AES_KEY *key2, const unsigned char iv[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:46:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:46:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:48:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       const unsigned char ivec[AES_BLOCK_SIZE]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:52:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void AES_xts_encrypt(const unsigned char *inp, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:52:57:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void AES_xts_encrypt(const unsigned char *inp, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:54:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                     const unsigned char iv[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:55:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:55:57:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:57:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                     const unsigned char iv[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:103:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                              uint64_t *Xi, unsigned char ivec[16], const void *key);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:105:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                              uint64_t *Xi, unsigned char ivec[16], const void *key);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:107:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                              uint64_t *Xi, unsigned char ivec[16], const void *key);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:109:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                              uint64_t *Xi, unsigned char ivec[16], const void *key);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:111:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                              uint64_t *Xi, unsigned char ivec[16], const void *key);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:113:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                              uint64_t *Xi, unsigned char ivec[16], const void *key);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:114:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t armv8_aes_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:114:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t armv8_aes_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:115:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], u64 *Xi);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:116:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t armv8_aes_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:116:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t armv8_aes_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:117:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], u64 *Xi);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:168:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void aesni_ocb_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:168:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void aesni_ocb_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:171:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char offset_i[16],
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:173:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char checksum[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:174:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void aesni_ocb_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:174:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void aesni_ocb_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:177:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char offset_i[16],
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:179:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char checksum[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:187:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void aesni_xts_encrypt(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:188:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:191:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       const unsigned char iv[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:193:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void aesni_xts_decrypt(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:194:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:197:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       const unsigned char iv[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:199:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void aesni_ccm64_encrypt_blocks(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:200:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:203:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                const unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:204:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                unsigned char cmac[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:206:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void aesni_ccm64_decrypt_blocks(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:207:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:210:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                const unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:211:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                unsigned char cmac[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:214:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t aesni_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:214:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t aesni_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:215:52:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                         const void *key, unsigned char ivec[16], u64 *Xi);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:216:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t aesni_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:216:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t aesni_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:217:52:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                         const void *key, unsigned char ivec[16], u64 *Xi);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:411:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:411:67:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:413:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                const unsigned char ivec[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:414:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_xts_encrypt(const unsigned char *inp, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:414:59:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_xts_encrypt(const unsigned char *inp, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:416:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       const AES_KEY *key2, const unsigned char iv[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:417:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_xts_decrypt(const unsigned char *inp, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:417:59:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_xts_decrypt(const unsigned char *inp, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:419:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       const AES_KEY *key2, const unsigned char iv[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:422:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_ocb_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:422:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_ocb_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:425:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char offset_i[16],
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:427:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char checksum[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:432:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_ocb_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:432:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void HWAES_ocb_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:435:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char offset_i[16],
data/openssl-3.0.0~~alpha4/include/crypto/aes_platform.h:437:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char checksum[16]);
data/openssl-3.0.0~~alpha4/include/crypto/aria.h:29:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[ARIA_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/include/crypto/aria.h:33:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef unsigned char ARIA_c128[ARIA_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/include/crypto/chacha.h:26:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/include/crypto/chacha.h:26:56:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
data/openssl-3.0.0~~alpha4/include/crypto/des_platform.h:24:69:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             const DES_key_schedule ks[3], unsigned char iv[8]);
data/openssl-3.0.0~~alpha4/include/crypto/des_platform.h:26:69:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             const DES_key_schedule ks[3], unsigned char iv[8]);
data/openssl-3.0.0~~alpha4/include/crypto/des_platform.h:28:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        const DES_key_schedule *ks, unsigned char iv[8]);
data/openssl-3.0.0~~alpha4/include/crypto/des_platform.h:30:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        const DES_key_schedule *ks, unsigned char iv[8]);
data/openssl-3.0.0~~alpha4/include/crypto/ecx.h:66:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char pubkey[MAX_KEYLEN];
data/openssl-3.0.0~~alpha4/include/crypto/md32_common.h:150:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p + n, data, HASH_CBLOCK - n);
data/openssl-3.0.0~~alpha4/include/crypto/md32_common.h:164:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p + n, data, len);
data/openssl-3.0.0~~alpha4/include/crypto/md32_common.h:181:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, data, len);
data/openssl-3.0.0~~alpha4/include/crypto/modes.h:136:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char Xn[48];
data/openssl-3.0.0~~alpha4/include/crypto/modes.h:165:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[16];
data/openssl-3.0.0~~alpha4/include/crypto/modes.h:208:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char byte[SIV_LEN];
data/openssl-3.0.0~~alpha4/include/crypto/poly1305.h:20:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*poly1305_emit_f) (void *ctx, unsigned char mac[16],
data/openssl-3.0.0~~alpha4/include/crypto/poly1305.h:29:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[POLY1305_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/include/crypto/poly1305.h:38:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void Poly1305_Init(POLY1305 *ctx, const unsigned char key[32]);
data/openssl-3.0.0~~alpha4/include/crypto/poly1305.h:40:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16]);
data/openssl-3.0.0~~alpha4/include/crypto/x509.h:110:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sha1_hash[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/include/crypto/x509.h:185:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sha1_hash[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:79:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[CMSG_SPACE(cmsg_len)];
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:217:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[CMSG_SPACE(sizeof(unsigned char))];
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:270:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[CMSG_SPACE(sizeof(unsigned char))];
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:344:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char geniv[12];
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:363:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->gcm128.iv, iiv + EVP_GCM_TLS_FIXED_IV_LEN,
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:365:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->gcm128.salt, iiv, TLS_CIPHER_AES_GCM_128_SALT_SIZE);
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:366:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->gcm128.key, key, EVP_CIPHER_key_length(c));
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:367:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->gcm128.rec_seq, rl_sequence,
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:378:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->gcm256.iv, iiv + EVP_GCM_TLS_FIXED_IV_LEN,
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:380:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->gcm256.salt, iiv, TLS_CIPHER_AES_GCM_256_SALT_SIZE);
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:381:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->gcm256.key, key, EVP_CIPHER_key_length(c));
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:382:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->gcm256.rec_seq, rl_sequence,
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:393:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->ccm128.iv, iiv + EVP_CCM_TLS_FIXED_IV_LEN,
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:395:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->ccm128.salt, iiv, TLS_CIPHER_AES_CCM_128_SALT_SIZE);
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:396:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->ccm128.key, key, EVP_CIPHER_key_length(c));
data/openssl-3.0.0~~alpha4/include/internal/ktls.h:397:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crypto_info->ccm128.rec_seq, rl_sequence,
data/openssl-3.0.0~~alpha4/include/internal/packet.h:366:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(data, pkt->curr, len);
data/openssl-3.0.0~~alpha4/include/internal/packet.h:402:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest, pkt->curr, pkt->remaining);
data/openssl-3.0.0~~alpha4/include/internal/sha3.h:38:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
data/openssl-3.0.0~~alpha4/include/openssl/camellia.h:103:56:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                              unsigned char *ivec,
data/openssl-3.0.0~~alpha4/include/openssl/camellia.h:105:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DEPRECATEDIN_3_0(void Camellia_ctr128_encrypt(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/openssl/camellia.h:106:56:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                              unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/camellia.h:109:56:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                              unsigned char ivec[CAMELLIA_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/include/openssl/camellia.h:110:56:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                              unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/include/openssl/des.h:35:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef unsigned char DES_cblock[8];
data/openssl-3.0.0~~alpha4/include/openssl/des.h:36:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef /* const */ unsigned char const_DES_cblock[8];
data/openssl-3.0.0~~alpha4/include/openssl/ebcdic.h:31:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern const unsigned char os_toascii[256];
data/openssl-3.0.0~~alpha4/include/openssl/ebcdic.h:32:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern const unsigned char os_toebcdic[256];
data/openssl-3.0.0~~alpha4/include/openssl/err.h:55:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *err_data[ERR_NUM_ERRORS];
data/openssl-3.0.0~~alpha4/include/openssl/err.h:58:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *err_file[ERR_NUM_ERRORS];
data/openssl-3.0.0~~alpha4/include/openssl/err.h:60:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *err_func[ERR_NUM_ERRORS];
data/openssl-3.0.0~~alpha4/include/openssl/evp.h:435:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/include/openssl/md2.h:37:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[MD2_BLOCK];
data/openssl-3.0.0~~alpha4/include/openssl/mdc2.h:36:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[MDC2_BLOCK];
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:25:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*block128_f) (const unsigned char in[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:26:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            unsigned char out[16], const void *key);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:28:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:28:61:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:30:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                          unsigned char ivec[16], int enc);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:36:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:36:61:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:38:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                          const unsigned char ivec[16]);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:40:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:40:61:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:42:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                          const unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:43:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                          unsigned char cmac[16]);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:45:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:45:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:47:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16], block128_f block);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:48:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:48:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:50:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16], block128_f block);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:52:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:52:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:54:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:55:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ecount_buf[16], unsigned int *num,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:58:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:58:68:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:60:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:61:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 unsigned char ecount_buf[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:64:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:64:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:66:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16], int *num,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:69:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:69:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:71:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char ivec[16], int *num,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:73:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:73:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:75:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], int *num,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:77:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:77:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:79:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], int *num,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:82:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:83:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:84:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   const void *key, unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:86:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:86:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:88:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], cbc128_f cbc);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:89:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:90:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:91:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   const void *key, unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:93:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:93:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:95:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], cbc128_f cbc);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:97:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:98:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:100:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:102:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:102:68:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:104:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 unsigned char ivec[16], cbc128_f cbc);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:105:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:106:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:108:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:110:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:110:68:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:112:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 unsigned char ivec[16], cbc128_f cbc);
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:163:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                          const unsigned char iv[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:186:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*ocb128_f) (const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:186:61:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef void (*ocb128_f) (const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:189:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                          unsigned char offset_i[16],
data/openssl-3.0.0~~alpha4/include/openssl/modes.h:191:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                          unsigned char checksum[16]);
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:76:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DEPRECATEDIN_3_0(void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:79:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DEPRECATEDIN_3_0(void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:80:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   unsigned char d[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:82:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DEPRECATEDIN_3_0(void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:83:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                   unsigned char d[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:86:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DEPRECATEDIN_3_0(void SEED_ecb_encrypt(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:87:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char *out,
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:89:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DEPRECATEDIN_3_0(void SEED_cbc_encrypt(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:90:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:92:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                       unsigned char ivec[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:94:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DEPRECATEDIN_3_0(void SEED_cfb128_encrypt(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:95:52:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                          unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:97:52:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                          unsigned char ivec[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:99:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DEPRECATEDIN_3_0(void SEED_ofb128_encrypt(const unsigned char *in,
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:100:52:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                          unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/include/openssl/seed.h:102:52:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                          unsigned char ivec[SEED_BLOCK_SIZE],
data/openssl-3.0.0~~alpha4/include/openssl/sha.h:103:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char p[SHA512_CBLOCK];
data/openssl-3.0.0~~alpha4/include/openssl/whrlpool.h:37:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/include/openssl/whrlpool.h:41:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[WHIRLPOOL_BBLOCK / 8];
data/openssl-3.0.0~~alpha4/ms/applink.c:115:47:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        OPENSSL_ApplinkTable[APPLINK_FOPEN] = fopen;
data/openssl-3.0.0~~alpha4/ms/uplink.c:26:8:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static TCHAR msg[128];
data/openssl-3.0.0~~alpha4/ms/uplink.c:60:9:  [2] (buffer) _tcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer. Risk is low because the source is a constant string.
        _tcscpy(msg + len, _T("unimplemented function"));
data/openssl-3.0.0~~alpha4/ms/uplink.c:65:17:  [2] (buffer) _tcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer. Risk is low because the source is a constant string.
                _tcscpy(msg + len, _T("no host application"));
data/openssl-3.0.0~~alpha4/ms/uplink.c:79:17:  [2] (buffer) _tcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer. Risk is low because the source is a constant string.
                _tcscpy(msg + len, _T("no OPENSSL_Applink"));
data/openssl-3.0.0~~alpha4/ms/uplink.c:85:17:  [2] (buffer) _tcscpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using a function version that stops copying at the end
  of the buffer. Risk is low because the source is a constant string.
                _tcscpy(msg + len, _T("no ApplinkTable"));
data/openssl-3.0.0~~alpha4/ms/uplink.h:19:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define UP_fgets  (*(char *(*)(char *,int,void *))OPENSSL_UplinkTable[APPLINK_FGETS])
data/openssl-3.0.0~~alpha4/ms/uplink.h:19:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define UP_fgets  (*(char *(*)(char *,int,void *))OPENSSL_UplinkTable[APPLINK_FGETS])
data/openssl-3.0.0~~alpha4/ms/uplink.h:26:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define UP_fopen  (*(void *(*)(const char *,const char *))OPENSSL_UplinkTable[APPLINK_FOPEN])
data/openssl-3.0.0~~alpha4/ms/uplink.h:26:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define UP_fopen  (*(void *(*)(const char *,const char *))OPENSSL_UplinkTable[APPLINK_FOPEN])
data/openssl-3.0.0~~alpha4/providers/fips/fipsprov.c:145:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char dgst[SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/providers/fips/fipsprov.c:150:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char randbuf[128];
data/openssl-3.0.0~~alpha4/providers/fips/self_test.c:38:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char fixed_key[32] = { 0 };
data/openssl-3.0.0~~alpha4/providers/fips/self_test.c:139:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/fips/self_test.c:140:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[INTEGRITY_BUF_SIZE];
data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c:24:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c:91:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ct_buf[256] = { 0 };
data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c:92:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char pt_buf[256] = { 0 };
data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c:116:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char tag[16] = { 0 };
data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c:185:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[64];
data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c:242:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[256];
data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c:355:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char secret[256];
data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c:431:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sig[256];
data/openssl-3.0.0~~alpha4/providers/implementations/asymciphers/rsa_enc.c:394:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mdname[OSSL_MAX_NAME_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/asymciphers/rsa_enc.c:395:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mdprops[OSSL_MAX_PROPQUERY_SIZE] = { '\0' };
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes.h:33:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    unsigned char k[32];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes.h:41:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    unsigned char cv[16];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes.h:42:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    unsigned char k[32];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h:42:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char tls_aad[16]; /* 13 used */
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:37:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        const AES_KEY *key, unsigned char iv[16],
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:127:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char storage[sizeof(SHA1_MB_CTX) + 32];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:162:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ciph_d[0].out - 16, IVs, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:163:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ciph_d[0].iv, IVs, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:169:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].out - 16, IVs, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:170:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].iv, IVs, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:175:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(blocks[0].c, sctx->md.data, 8);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:206:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:243:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:260:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(blocks[i].c, ptr, off);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:325:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:417:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out + aes_off, in + aes_off, plen - aes_off);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:439:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char c[32 + SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:451:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char c[SHA_CBLOCK];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:460:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ctx->base.iv, in, AES_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:636:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hmac_key[64];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:645:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(hmac_key, mac, len);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c:692:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->aux.tls_aad, aad_rec, aad_len);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:37:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                         const AES_KEY *key, unsigned char iv[16],
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:131:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char storage[sizeof(SHA256_MB_CTX) + 32];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:166:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ciph_d[0].out - 16, IVs, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:167:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ciph_d[0].iv, IVs, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:173:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].out - 16, IVs, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:174:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].iv, IVs, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:179:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(blocks[0].c, sctx->md.data, 8);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:214:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:251:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:268:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(blocks[i].c, ptr, off);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:345:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:455:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out + aes_off, in + aes_off, plen - aes_off);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:477:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char c[64 + SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:493:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char c[SHA256_CBLOCK];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:687:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hmac_key[64];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:696:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(hmac_key, mackey, len);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c:743:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->aux.tls_aad, p, aad_len);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ccm.h:26:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char pad[16];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ccm.h:35:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char b[AES_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ccm.h:39:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char b[AES_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ccm.h:41:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char dummy_pad[168];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_gcm.h:32:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char ares[16];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_gcm.h:33:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char mres[16];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_gcm.h:34:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char kres[16];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ocb.c:349:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->tag, p->data, p->data_size);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ocb.c:424:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p->data, ctx->tag, ctx->taglen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ocb.h:34:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tag[OCB_MAX_TAG_LEN];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ocb.h:35:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data_buf[OCB_MAX_DATA_LEN]; /* Store partial data blocks */
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_ocb.h:36:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char aad_buf[OCB_MAX_AAD_LEN];   /* Store partial AAD blocks */
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_xts.h:21:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                 (const unsigned char *in, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_xts.h:21:53:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                 (const unsigned char *in, unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_aes_xts.h:23:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                  const unsigned char iv[16]));
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20.h:20:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[CHACHA_BLK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305.c:122:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p->data, ctx->tag, p->data_size);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305.c:189:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->tag, p->data, p->data_size);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305.h:23:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tag[POLY1305_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305.h:24:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tls_aad[POLY1305_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:23:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->tls_aad, aad, EVP_AEAD_TLS1_AAD_LEN);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:78:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tempiv[CHACHA_CTR_SIZE] = { 0 };
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:83:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tempiv + CHACHA_CTR_SIZE - ctx->nonce_len, bctx->oiv,
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:105:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char zero[4 * CHACHA_BLK_SIZE] = { 0 };
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:107:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char zero[2 * CHACHA_BLK_SIZE] = { 0 };
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:118:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char *buf, *tohash, *ctr, storage[sizeof(zero) + 32];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:139:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tohash, ctx->tls_aad, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:164:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tohash, ctx->tls_aad, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:218:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctr, (unsigned char *)&ctx->len, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:247:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, ctx->tag, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:261:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char zero[CHACHA_BLK_SIZE] = { 0 };
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:337:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char temp[POLY1305_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c:375:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out, ctx->tag, POLY1305_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_des_hw.c:139:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[1], d[1];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_desx_hw.c:34:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&tctx->ks2, &key[8], 8);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_desx_hw.c:35:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&tctx->ks3, &key[16], 8);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_null.c:44:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inl);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc2.c:154:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char iv[16];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c:97:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out + rc4_off, in + rc4_off, plen - rc4_off);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c:110:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char mac[MD5_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c:195:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hmac_key[64];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c:204:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(hmac_key, key, len);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_default_hw.c:34:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&tctx->ks3, &tctx->ks1, sizeof(tctx->ks1));
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_default_hw.c:43:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&tctx->ks3, &tctx->ks1, sizeof(tctx->ks1));
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_default_hw.c:101:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[1], d[1];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_wrap.c:30:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char wrap_iv[8] =
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_wrap.c:38:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char icv[8], iv[TDES_IVLEN], sha1tmp[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_wrap.c:46:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->iv, wrap_iv, 8);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_wrap.c:86:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sha1tmp[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_wrap.c:98:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out + inl + ivlen, sha1tmp, icvlen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_wrap.c:103:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, ctx->iv, ivlen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/cipher_tdes_wrap.c:107:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->iv, wrap_iv, ivlen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon.c:289:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, ctx->buf, ctx->bufsz);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon.c:418:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->iv, iv, ivlen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon.c:419:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->oiv, iv, ivlen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_block.c:45:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + *buflen, *in, bufremain);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_block.c:68:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + *buflen, *in, *inlen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_ccm.c:28:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->buf, aad, alen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_ccm.c:58:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->iv, fixed, flen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_ccm.c:89:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->buf, p->data, p->data_size);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_ccm.c:217:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->iv, iv, ivlen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_ccm.c:316:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, ctx->buf, EVP_CCM_TLS_EXPLICIT_IV_LEN);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_ccm.c:318:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->iv + EVP_CCM_TLS_FIXED_IV_LEN, in, EVP_CCM_TLS_EXPLICIT_IV_LEN);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_ccm_hw.c:59:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char tag[16];
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_gcm.c:54:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->iv, iv, ivlen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_gcm.c:104:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, ctx->iv + ctx->ivlen - olen, olen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_gcm.c:121:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->iv + ctx->ivlen - inl, in, inl);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_gcm.c:417:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, aad, aad_len);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_gcm.c:444:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->iv, iv, ctx->ivlen);
data/openssl-3.0.0~~alpha4/providers/implementations/ciphers/ciphercommon_gcm.c:454:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->iv, iv, len);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2_impl.h:71:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dst, &w, sizeof(w));
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2_impl.h:89:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dst, &w, sizeof(w));
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2b_prov.c:110:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(P->personal, personal, len);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2b_prov.c:116:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(P->salt, salt, len);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2b_prov.c:142:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(block, key, P->key_length);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2b_prov.c:271:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(c->buf + c->buflen, in, fill); /* Fill buffer */
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2b_prov.c:293:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(c->buf + c->buflen, in, datalen);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2b_prov.c:324:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(md, target, c->outlen);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2s_prov.c:104:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(P->personal, personal, len);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2s_prov.c:110:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(P->salt, salt, len);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2s_prov.c:135:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(block, key, P->key_length);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2s_prov.c:262:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(c->buf + c->buflen, in, fill); /* Fill buffer */
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2s_prov.c:284:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(c->buf + c->buflen, in, datalen);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/blake2s_prov.c:315:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(md, target, c->outlen);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/sha3_prov.c:70:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->buf + num, inp, len);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/sha3_prov.c:75:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->buf + num, inp, rem);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/sha3_prov.c:86:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->buf, inp + len - rem, rem);
data/openssl-3.0.0~~alpha4/providers/implementations/digests/sha3_prov.c:149:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(md, ctx->A, ctx->md_size);
data/openssl-3.0.0~~alpha4/providers/implementations/exchange/ecdh_exch.c:188:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[80] = { '\0' }; /* should be big enough */
data/openssl-3.0.0~~alpha4/providers/implementations/exchange/ecdh_exch.c:225:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char mdprops[80] = { '\0' }; /* should be big enough */
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon.h:59:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char oiv[GENERIC_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon.h:61:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[GENERIC_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon.h:62:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[GENERIC_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_ccm.h:22:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char b[16];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_ccm.h:24:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char k[32];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_ccm.h:40:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[GENERIC_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_ccm.h:41:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[GENERIC_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_gcm.h:26:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char reserved[12];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_gcm.h:29:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char b[4];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_gcm.h:33:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char b[16];
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_gcm.h:35:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char h[16]; /* hash subkey */
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_gcm.h:42:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char k[32];    /* key */
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_gcm.h:72:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[GCM_IV_MAX_SIZE]; /* Buffer to use for IV's */
data/openssl-3.0.0~~alpha4/providers/implementations/include/prov/ciphercommon_gcm.h:73:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[AES_BLOCK_SIZE]; /* Buffer of partial blocks processed via update calls */
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/hkdf.c:65:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char info[HKDF_MAXBUF];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/hkdf.c:305:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char prk[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/hkdf.c:413:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char prev[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/hkdf.c:461:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(okm + done_len, prev, copy_len);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/kbkdf.c:149:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(k_i, iv, iv_len);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/kbkdf.c:171:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ko + written, k_i, MIN(to_write, h));
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/krb5kdf.c:253:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(block, constant, constant_len);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/krb5kdf.c:340:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char block[EVP_MAX_BLOCK_LENGTH * 2];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/krb5kdf.c:407:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(okey + osize, cipherblock, cipherlen);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/pbkdf2.c:261:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/pbkdf2.c:324:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, digtmp, cplen);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/scrypt.c:296:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(B_ + (i / 2 + (i & 1) * r) * 16, X, sizeof(X));
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sshkdf.c:214:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sshkdf.c:242:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(okey, digest, okey_len);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sshkdf.c:247:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(okey, digest, dsize);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sshkdf.c:267:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(okey + cursize, digest, okey_len - cursize);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sshkdf.c:272:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(okey + cursize, digest, dsize);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sskdf.c:100:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[4];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sskdf.c:101:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mac[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sskdf.c:145:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, mac, len);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sskdf.c:220:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[4];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sskdf.c:221:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mac_buf[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/sskdf.c:275:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, mac, len);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/tls1_prf.c:91:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seed[TLS1_PRF_MAXBUF];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/tls1_prf.c:275:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char Ai[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/tls1_prf.c:322:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, Ai, olen);
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/x942kdf.c:126:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char ctr[4] = { 0x00, 0x00, 0x00, 0x01 };
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/x942kdf.c:188:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mac[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/kdfs/x942kdf.c:233:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, mac, len);
data/openssl-3.0.0~~alpha4/providers/implementations/keymgmt/ecx_kmgmt.c:722:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char x_dst[32], buff[SHA512_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/providers/implementations/keymgmt/ecx_kmgmt.c:789:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char x_dst[57], buff[114];
data/openssl-3.0.0~~alpha4/providers/implementations/macs/blake2_mac_impl.c:38:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[BLAKE2_KEYBYTES];
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:124:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[KMAC_MAX_KEY_ENCODED];
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:125:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char custom[KMAC_MAX_CUSTOM_ENCODED];
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:224:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst->key, src->key, src->key_len);
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:225:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst->custom, src->custom, dst->custom_len);
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:239:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[KMAC_MAX_BLOCKSIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:292:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char encoded_outlen[KMAC_MAX_ENCODED_HEADER_LEN];
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:455:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out + len + 1, in, in_len);
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:481:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, in1, in1_len);
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:485:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, in2, in2_len);
data/openssl-3.0.0~~alpha4/providers/implementations/macs/kmac_prov.c:506:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[KMAC_MAX_KEY + KMAC_MAX_ENCODED_HEADER_LEN];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/crngt.c:27:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char crngt_prev[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/crngt.c:51:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf, p, CRNGT_BUFSIZ);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/crngt.c:69:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[CRNGT_BUFSIZ];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/crngt.c:100:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[CRNGT_BUFSIZ], md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/crngt.c:123:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(crngt_glob->crngt_prev, md, sz);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:47:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char K[32];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:48:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char V[16];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:50:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char bltmp[16];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:52:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char KX[48];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:120:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char in_tmp[48];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:123:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(in_tmp, in, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:124:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(in_tmp + 16, in, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:126:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(in_tmp + 32, in, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:138:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char bltmp[48] = {0};
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:163:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctr->bltmp + ctr->bltmp_pos, in, left);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:180:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctr->bltmp + ctr->bltmp_pos, in, inlen);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:266:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char V_tmp[48], out[48];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:270:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(V_tmp, ctr->V, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:272:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(V_tmp + 16, ctr->V, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:277:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(V_tmp + 32, ctr->V, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:283:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctr->K, out, ctr->keylen);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:284:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctr->V, out + ctr->keylen, 16);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:559:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            static const unsigned char df_key[32] = {
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_ctr.c:683:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(ecb + p->data_size - sizeof("ECB"), "ECB");
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c:52:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char V[HASH_PRNG_MAX_SEEDLEN];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c:53:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char C[HASH_PRNG_MAX_SEEDLEN];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c:55:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char vtmp[HASH_PRNG_MAX_SEEDLEN];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c:77:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[1 + 4 + 1];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c:113:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, vtmp, outlen);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c:214:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hash->vtmp, hash->V, drbg->seedlen);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c:224:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, hash->vtmp, outlen);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c:296:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hash->V, hash->C, drbg->seedlen);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hash.c:325:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char counter[4];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hmac.c:39:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char K[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hmac.c:40:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char V[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/drbg_hmac.c:235:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out, hmac->V, outlen);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/rand_pool.c:229:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, pool->buffer, pool->len);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/rand_pool.c:340:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(pool->buffer + pool->len, buffer, len);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_unix.c:435:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                kernel[0] = atoi(un.release);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_unix.c:437:45:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                kernel[1] = p == NULL ? 0 : atoi(p + 1);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_unix.c:445:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) {
data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_unix.c:518:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((rd->fd = open(random_device_paths[n], O_RDONLY)) == -1)
data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_vms.c:534:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buffer[256];
data/openssl-3.0.0~~alpha4/providers/implementations/rands/test_rng.c:178:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, t->nonce, t->nonce_len);
data/openssl-3.0.0~~alpha4/providers/implementations/serializers/serializer_common.c:55:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[PEM_BUFSIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/dsa.c:77:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mdname[OSSL_MAX_NAME_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/dsa.c:80:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/dsa.c:290:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/dsa.c:320:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/dsa.c:433:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
data/openssl-3.0.0~~alpha4/providers/implementations/signature/dsa.c:434:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
data/openssl-3.0.0~~alpha4/providers/implementations/signature/ecdsa.c:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mdname[OSSL_MAX_NAME_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/ecdsa.c:68:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/ecdsa.c:277:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/ecdsa.c:304:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:87:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char aid_buf[128];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:95:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mdname[OSSL_MAX_NAME_SIZE]; /* Purely informational */
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:101:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mgf1_mdname[OSSL_MAX_NAME_SIZE]; /* Purely informational */
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:467:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(prsactx->tbuf, tbs, tbslen);
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:604:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(rout, prsactx->tbuf, ret);
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:775:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:810:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:1004:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:1005:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:1137:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                saltlen = atoi(p->data);
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:1189:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:1190:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
data/openssl-3.0.0~~alpha4/ssl/d1_lib.c:307:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(timeleft, &(s->d1->next_timeout), sizeof(struct timeval));
data/openssl-3.0.0~~alpha4/ssl/d1_lib.c:449:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cookie[DTLS1_COOKIE_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/d1_lib.c:450:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seq[SEQ_NUM_SIZE];
data/openssl-3.0.0~~alpha4/ssl/d1_lib.c:776:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&wbuf[DTLS1_RT_HEADER_LENGTH + 1],
data/openssl-3.0.0~~alpha4/ssl/d1_msg.c:40:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[DTLS1_AL_HEADER_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/record/dtls1_bitmap.c:72:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(bitmap->max_seq_num, seq, SEQ_NUM_SIZE);
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:101:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(rl->d->curr_write_sequence,
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:106:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(rl->d->last_write_sequence,
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:116:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rl->write_sequence, seq, SEQ_NUM_SIZE);
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:130:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&s->rlayer.rbuf, &(rdata->rbuf), sizeof(SSL3_BUFFER));
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:131:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&s->rlayer.rrec, &(rdata->rrec), sizeof(SSL3_RECORD));
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:134:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(s->rlayer.read_sequence[2]), &(rdata->packet[5]), 6);
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:160:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(rdata->rbuf), &s->rlayer.rbuf, sizeof(SSL3_BUFFER));
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:161:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(rdata->rrec), &s->rlayer.rrec, sizeof(SSL3_RECORD));
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:512:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, &(SSL3_RECORD_get_data(rr)[SSL3_RECORD_get_off(rr)]), n);
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:607:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char tmp[16];
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:913:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(SSL3_RECORD_get_data(&wr), SSL3_RECORD_get_input(&wr),
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:966:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pseq, &(s->rlayer.write_sequence[2]), 6);
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_d1.c:1053:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->rlayer.d->last_write_sequence, seq,
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_s3.c:445:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char aad[13];
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_s3.c:499:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(aad, s->rlayer.write_sequence, 8);
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_s3.c:1479:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf, &(rr->data[rr->off]), n);
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_s3.c:1607:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char tmp[16];
data/openssl-3.0.0~~alpha4/ssl/record/rec_layer_s3.c:1697:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dest + *dest_len,
data/openssl-3.0.0~~alpha4/ssl/record/record.h:70:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seq_num[SEQ_NUM_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/record.h:77:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char max_seq_num[SEQ_NUM_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/record.h:117:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char last_write_sequence[8];
data/openssl-3.0.0~~alpha4/ssl/record/record.h:118:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char curr_write_sequence[8];
data/openssl-3.0.0~~alpha4/ssl/record/record.h:154:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char handshake_fragment[4];
data/openssl-3.0.0~~alpha4/ssl/record/record.h:165:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char read_sequence[SEQ_NUM_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/record.h:166:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char write_sequence[SEQ_NUM_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_buffer.c:16:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(b->buf, d, n);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:17:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char ssl3_pad_1[48] = {
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:26:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char ssl3_pad_2[48] = {
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:63:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r->seq_num, seq_num, SEQ_NUM_SIZE);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:183:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:612:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char mac_tmp[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:974:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1078:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    unsigned char dtlsseq[9], *p = dtlsseq;
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1082:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(p, &seq[2], 6);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1083:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(buf[ctr], dtlsseq, 8);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1085:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(buf[ctr], seq, 8);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1135:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char *data[SSL_MAX_PIPELINES];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1283:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char header[75];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1285:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(header + j, mac_sec, md_size);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1287:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(header + j, ssl3_pad_1, npad);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1289:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(header + j, seq, 8);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1344:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char header[13];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1382:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char dtlsseq[8], *p = dtlsseq;
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1386:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, &seq[2], 6);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1388:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(header, dtlsseq, 8);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1390:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(header, seq, 8);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1583:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char rotated_mac_buf[64 + EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1586:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char rotated_mac[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1635:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        ((volatile unsigned char *)rotated_mac)[rotate_offset ^ 32];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1662:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1747:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char mac_tmp[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record.c:1942:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(RECORD_LAYER_get_read_sequence(&s->rlayer)[2]), p, 6);
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record_tls13.c:28:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH], recheader[SSL3_RT_HEADER_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/record/ssl3_record_tls13.c:134:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, staticiv, offset);
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:136:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char *md_out,
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:138:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           const unsigned char header[13],
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:147:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char c[sizeof(LARGEST_DIGEST_CTX)];
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:156:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char length_bytes[MAX_HASH_BIT_COUNT_BYTES];
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:158:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hmac_pad[MAX_HASH_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:159:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char first_block[MAX_HASH_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:160:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mac_out[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:347:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(hmac_pad, mac_secret, mac_secret_length);
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:387:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(first_block, header + md_block_size, overhang);
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:388:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(first_block + overhang, data, md_block_size - overhang);
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:394:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(first_block, header, 13);
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:395:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(first_block + 13, data, md_block_size - 13);
data/openssl-3.0.0~~alpha4/ssl/s3_cbc.c:412:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char block[MAX_HASH_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/ssl/s3_enc.c:23:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/s3_enc.c:74:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(km, smd, (num - i));
data/openssl-3.0.0~~alpha4/ssl/s3_enc.c:236:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(mac_secret, ms, i);
data/openssl-3.0.0~~alpha4/ssl/s3_enc.c:492:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char *salt[3] = {
data/openssl-3.0.0~~alpha4/ssl/s3_enc.c:503:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/s3_enc.c:517:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                strlen((const char *)salt[i])) <= 0
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:3892:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(keys, ctx->ext.tick_key_name,
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:3894:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(keys + sizeof(ctx->ext.tick_key_name),
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:3897:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(keys + sizeof(ctx->ext.tick_key_name) +
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:4666:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(result + len - sizeof(tls12downgrade), tls12downgrade,
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:4669:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(result + len - sizeof(tls11downgrade), tls11downgrade,
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:4703:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(t, pms, pmslen);
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:4706:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(t, s->s3.tmp.psk, psklen);
data/openssl-3.0.0~~alpha4/ssl/ssl_asn1.c:110:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cipher_data[2];
data/openssl-3.0.0~~alpha4/ssl/ssl_asn1.c:234:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst, src->data, src->length);
data/openssl-3.0.0~~alpha4/ssl/ssl_cert.c:134:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ret->pkeys[i].serverinfo,
data/openssl-3.0.0~~alpha4/ssl/ssl_cert.c:145:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ret->conf_sigalgs, cert->conf_sigalgs,
data/openssl-3.0.0~~alpha4/ssl/ssl_cert.c:156:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ret->client_sigalgs, cert->client_sigalgs,
data/openssl-3.0.0~~alpha4/ssl/ssl_cert.c:734:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[1024];
data/openssl-3.0.0~~alpha4/ssl/ssl_ciph.c:1304:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[80];
data/openssl-3.0.0~~alpha4/ssl/ssl_ciph.c:1311:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(name, elem, len);
data/openssl-3.0.0~~alpha4/ssl/ssl_conf.c:90:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *cert_filename[SSL_PKEY_NUM];
data/openssl-3.0.0~~alpha4/ssl/ssl_conf.c:592:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    int block_size = atoi(value);
data/openssl-3.0.0~~alpha4/ssl/ssl_conf.c:611:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    int num_tickets = atoi(value);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:361:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(t->data, data, dlen);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:815:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->ext.alpn, s->ctx->ext.alpn, s->ctx->ext.alpn_len);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:894:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:908:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:946:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(r.session_id, id, id_len);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:1446:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, s->s3.tmp.finish_md, count);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:1458:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, s->s3.tmp.peer_finish_md, count);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:3065:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp_storage[4];
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:3069:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tmp_storage, a->session_id, a->session_id_length);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:4387:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, ssl->s3.client_random, outlen);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:4397:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, ssl->s3.server_random, outlen);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:4408:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, session->master_key, outlen);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:4418:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(sess->master_key, in, len);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:5465:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(cursor, "%02x", parameter_1[i]);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:5471:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(cursor, "%02x", parameter_2[i]);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:5609:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cipher[SSLV2_CIPHER_LEN];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:560:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char early_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:565:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char master_key[TLS13_MAX_RESUMPTION_PSK_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:568:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:575:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:724:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char random[SSL3_RANDOM_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:726:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:728:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char dtls_cookie[DTLS1_COOKIE_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:731:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char compressions[MAX_COMPRESSIONS_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:780:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tick_hmac_key[TLSEXT_TICK_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:781:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tick_aes_key[TLSEXT_TICK_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:974:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1029:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char tick_key_name[TLSEXT_KEYNAME_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1106:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char cookie_hmac_key[SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1250:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1252:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1253:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char server_random[SSL3_RANDOM_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1254:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char client_random[SSL3_RANDOM_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1278:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char send_alert[2];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1289:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char finish_md[EVP_MAX_MD_SIZE * 2];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1291:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1370:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1372:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1442:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char early_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1443:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char handshake_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1444:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char master_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1445:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char resumption_master_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1446:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char client_finished_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1447:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char server_finished_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1448:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char server_finished_hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1449:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char handshake_traffic_hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1450:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char client_app_traffic_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1451:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char server_app_traffic_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1452:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char exporter_master_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1453:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char early_exporter_master_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1455:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char read_iv[EVP_MAX_IV_LENGTH]; /* TLSv1.3 static read IV */
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1460:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char write_iv[EVP_MAX_IV_LENGTH]; /* TLSv1.3 static write IV */
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1471:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cert_verify_hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1483:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1496:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp_session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1873:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char priority[8];  /* 64-bit value in big-endian encoding */
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:1893:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cookie[DTLS1_COOKIE_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:2191:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern const unsigned char tls11downgrade[8];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:2192:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern const unsigned char tls12downgrade[8];
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:2754:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                  unsigned char *md_out,
data/openssl-3.0.0~~alpha4/ssl/ssl_local.h:2756:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                  const unsigned char header[13],
data/openssl-3.0.0~~alpha4/ssl/ssl_rsa.c:903:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length);
data/openssl-3.0.0~~alpha4/ssl/ssl_rsa.c:1034:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(serverinfo + serverinfo_length + contextoff,
data/openssl-3.0.0~~alpha4/ssl/ssl_sess.c:116:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest, src, sizeof(*dest));
data/openssl-3.0.0~~alpha4/ssl/ssl_sess.c:408:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
data/openssl-3.0.0~~alpha4/ssl/ssl_sess.c:434:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(data.session_id, sess_id, sess_id_len);
data/openssl-3.0.0~~alpha4/ssl/ssl_sess.c:822:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->session_id, sid, sid_len);
data/openssl-3.0.0~~alpha4/ssl/ssl_sess.c:967:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
data/openssl-3.0.0~~alpha4/ssl/ssl_sess.c:1035:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(s->ext.session_ticket->data, ext_data, ext_len);
data/openssl-3.0.0~~alpha4/ssl/statem/extensions.c:1460:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[EVP_MAX_MD_SIZE], binderkey[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/statem/extensions.c:1461:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char finishedkey[EVP_MAX_MD_SIZE], tmpbinder[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_clnt.c:284:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->session->ext.tick,
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_clnt.c:782:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char identity[PSK_MAX_IDENTITY_LEN + 1];
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_clnt.c:805:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char psk[PSK_MAX_PSK_LEN];
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_clnt.c:1644:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(s->ext.npn, selected, selected_len);
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_clnt.c:2036:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->early_secret, s->psksession->early_secret, EVP_MAX_MD_SIZE);
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_srvr.c:745:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hmac[SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_srvr.c:746:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hrr[MAX_HRR_SIZE];
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_srvr.c:1107:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char pskdata[PSK_MAX_PSK_LEN];
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_srvr.c:1171:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(sess->sid_ctx, s->sid_ctx, s->sid_ctx_length);
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_srvr.c:1916:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char cryptopro_ext[36] = {
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:1223:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(s->tmp_session_id, s->session->session_id, sess_id_len);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:1635:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(s->session->session_id, PACKET_data(&session_id),
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:1705:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char sctpauthkey[64];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:1706:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:1713:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(labelbuffer, DTLS1_SCTP_AUTH_LABEL,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:2886:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char identity[PSK_MAX_IDENTITY_LEN + 1];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:2888:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char psk[PSK_MAX_PSK_LEN];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:3176:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char shared_ukm[32], tmp[256];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:3327:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char rnd_dgst[32], tmp[255];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:3542:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char sctpauthkey[64];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:3543:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:3550:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(labelbuffer, DTLS1_SCTP_AUTH_LABEL,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:510:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&p[frag->msg_header.frag_off], frag->fragment,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:536:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seq64be[8];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:558:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:576:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char devnull[256];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:645:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seq64be[8];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:673:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char devnull[256];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:697:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:739:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char wire[DTLS1_HM_HEADER_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:776:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->init_buf->data, wire, readbytes);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:1034:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seq64be[8];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:1047:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(frag->fragment, s->init_buf->data, s->init_num);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:1104:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seq64be[8];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_dtls.c:1128:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(s->init_buf->data, frag->fragment,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:209:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(tls13tbs + TLS13_TBS_PREAMBLE_SIZE, s->cert_verify_hash,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:245:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tls13tbs[TLS13_TBS_PREAMBLE_SIZE + EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:388:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tls13tbs[TLS13_TBS_PREAMBLE_SIZE + EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:624:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->s3.previous_client_finished, s->s3.tmp.finish_md,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:628:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->s3.previous_server_finished, s->s3.tmp.finish_md,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:850:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->s3.previous_client_finished, s->s3.tmp.peer_finish_md,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:854:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->s3.previous_server_finished, s->s3.tmp.peer_finish_md,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:2206:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hashvaltmp[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:2207:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char msghdr[SSL3_HM_HEADER_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:2386:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tbs, s->s3.client_random, SSL3_RANDOM_SIZE);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:2387:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tbs + SSL3_RANDOM_SIZE, s->s3.server_random, SSL3_RANDOM_SIZE);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_lib.c:2389:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tbs + SSL3_RANDOM_SIZE * 2, param, paramlen);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:865:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char sctpauthkey[64];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:866:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:873:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(labelbuffer, DTLS1_SCTP_AUTH_LABEL,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:1660:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(s->s3.client_random, clienthello->random, SSL3_RANDOM_SIZE);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:1861:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->tmp_session_id, s->clienthello->session_id,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:2938:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char psk[PSK_MAX_PSK_LEN];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:3299:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char premaster_secret[32];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:3407:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char rnd_dgst[32];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:3410:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char premaster_secret[32];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:3567:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char sctpauthkey[64];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:3568:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:3574:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(labelbuffer, DTLS1_SCTP_AUTH_LABEL,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:3905:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:3906:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key_name[TLSEXT_KEYNAME_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:4038:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(key_name, tctx->ext.tick_key_name,
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:4113:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tick_nonce[TICKET_NONCE_SIZE];
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:4115:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char age_add_c[sizeof(uint32_t)];
data/openssl-3.0.0~~alpha4/ssl/t1_enc.c:337:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(mac_secret, ms, i);
data/openssl-3.0.0~~alpha4/ssl/t1_enc.c:627:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/t1_enc.c:657:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char hash[EVP_MAX_MD_SIZE * 2];
data/openssl-3.0.0~~alpha4/ssl/t1_enc.c:739:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(val + currentvalpos, (unsigned char *)label, llen);
data/openssl-3.0.0~~alpha4/ssl/t1_enc.c:741:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(val + currentvalpos, s->s3.client_random, SSL3_RANDOM_SIZE);
data/openssl-3.0.0~~alpha4/ssl/t1_enc.c:743:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(val + currentvalpos, s->s3.server_random, SSL3_RANDOM_SIZE);
data/openssl-3.0.0~~alpha4/ssl/t1_enc.c:752:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(val + currentvalpos, context, contextlen);
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:559:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char gtmp[2];
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:703:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char etmp[20];
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:711:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(etmp, elem, len);
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:1437:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sigalgstr[2];
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:1775:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tick_hmac[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:1940:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(sess->session_id, sess_id, sesslen);
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:2029:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sigalgstr[2];
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:2394:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char etmp[TLS_MAX_SIGSTRING_LEN], *p;
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:2402:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(etmp, elem, len);
data/openssl-3.0.0~~alpha4/ssl/t1_lib.c:2478:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(sigalgs, psigs, salglen * sizeof(*sigalgs));
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:22:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char default_zeros[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:55:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hkdflabel[sizeof(uint16_t) + sizeof(uint8_t)
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:198:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char preextractsec[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:228:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:319:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:320:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char finsecret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:504:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[EVP_MAX_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:505:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:506:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hashval[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:718:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->server_finished_hash, hashval, hashlen);
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:721:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->handshake_traffic_hash, hashval, hashlen);
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:750:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->server_app_traffic_secret, secret, hashlen);
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:767:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->client_app_traffic_secret, secret, hashlen);
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:849:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[EVP_MAX_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:851:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:880:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(insecret, secret, hashlen);
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:904:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char exportsecret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:910:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[EVP_MAX_MD_SIZE], data[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:951:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char exportsecret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls13_enc.c:952:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[EVP_MAX_MD_SIZE], data[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/ssl/tls_srp.c:143:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/ssl/tls_srp.c:376:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
data/openssl-3.0.0~~alpha4/test/acvp_test.c:622:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/test/acvp_test.c:678:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[256] = { 0 };
data/openssl-3.0.0~~alpha4/test/acvp_test.c:726:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[1024];
data/openssl-3.0.0~~alpha4/test/acvp_test.c:813:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[1024];
data/openssl-3.0.0~~alpha4/test/acvp_test.c:1260:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char pt[2048];
data/openssl-3.0.0~~alpha4/test/aesgcmtest.c:44:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char outbuf[64];
data/openssl-3.0.0~~alpha4/test/aesgcmtest.c:72:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char pt[32];
data/openssl-3.0.0~~alpha4/test/aesgcmtest.c:73:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char outbuf[32];
data/openssl-3.0.0~~alpha4/test/aesgcmtest.c:95:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tag[32];
data/openssl-3.0.0~~alpha4/test/aesgcmtest.c:96:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ct[32];
data/openssl-3.0.0~~alpha4/test/aesgcmtest.c:122:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv_gen[16];
data/openssl-3.0.0~~alpha4/test/aesgcmtest.c:123:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tag[32];
data/openssl-3.0.0~~alpha4/test/aesgcmtest.c:124:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ct[32];
data/openssl-3.0.0~~alpha4/test/afalgtest.c:55:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char in[BUFFER_SIZE] = "\x53\x69\x6e\x67\x6c\x65\x20\x62"
data/openssl-3.0.0~~alpha4/test/afalgtest.c:57:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ebuf[BUFFER_SIZE + 32];
data/openssl-3.0.0~~alpha4/test/afalgtest.c:58:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char dbuf[BUFFER_SIZE + 32];
data/openssl-3.0.0~~alpha4/test/asn1_encode_test.c:474:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char bytes[1];       /* In reality, there's more */
data/openssl-3.0.0~~alpha4/test/asn1_encode_test.c:643:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, t_true, sizeof(t_true)); /* Marks decoding success */
data/openssl-3.0.0~~alpha4/test/asn1_encode_test.c:649:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, custom_data->bytes1, custom_data->nbytes1);
data/openssl-3.0.0~~alpha4/test/asn1_encode_test.c:659:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, custom_data->bytes2, custom_data->nbytes2);
data/openssl-3.0.0~~alpha4/test/asynciotest.c:209:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char smallrec[MIN_RECORD_LEN] = {
data/openssl-3.0.0~~alpha4/test/asynciotest.c:297:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(testdata)];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:49:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char client_random[SSL3_RANDOM_SIZE];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:50:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char server_random[SSL3_RANDOM_SIZE];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:53:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char session_id[32];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:54:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char master_secret[48];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:55:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cookie[20];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:58:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char key_block[104];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:110:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(session_asn1 + SS_SESSID_OFS, session_id, sizeof(session_id));
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:111:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(session_asn1 + SS_SECRET_OFS, master_secret, sizeof(master_secret));
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:215:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hello_verify + HV_COOKIE_OFS, cookie, sizeof(cookie));
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:259:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(server_hello + SH_RANDOM_OFS, server_random, sizeof(server_random));
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:260:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(server_hello + SH_SESSID_OFS, session_id, sizeof(session_id));
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:279:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char epoch[2] = { 0x00, 0x01 };
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:280:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char seq[6] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:281:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char ver[2] = { 0x01, 0x00 }; /* DTLS1_BAD_VER */
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:282:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char lenbytes[2];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:286:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[16];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:304:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(enc, msg, len);
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:359:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char finished_msg[DTLS1_HM_HEADER_LENGTH +
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:368:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char handshake_hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/test/bad_dtls_test.c:474:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(server_random, &now, sizeof(now));
data/openssl-3.0.0~~alpha4/test/bftest.c:31:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char bf_key[2][30] = {
data/openssl-3.0.0~~alpha4/test/bftest.c:51:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char ecb_data[NUM_TESTS][8] = {
data/openssl-3.0.0~~alpha4/test/bftest.c:88:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char plain_data[NUM_TESTS][8] = {
data/openssl-3.0.0~~alpha4/test/bftest.c:125:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cipher_data[NUM_TESTS][8] = {
data/openssl-3.0.0~~alpha4/test/bftest.c:162:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc_key[16] = {
data/openssl-3.0.0~~alpha4/test/bftest.c:166:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc_iv[8] =
data/openssl-3.0.0~~alpha4/test/bftest.c:168:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char cbc_data[40] = "7654321 Now is the time for ";
data/openssl-3.0.0~~alpha4/test/bftest.c:169:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc_ok[32] = {
data/openssl-3.0.0~~alpha4/test/bftest.c:191:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char key_test[KEY_TEST_NUM] = {
data/openssl-3.0.0~~alpha4/test/bftest.c:198:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char key_data[8] =
data/openssl-3.0.0~~alpha4/test/bftest.c:201:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char key_out[KEY_TEST_NUM][8] = {
data/openssl-3.0.0~~alpha4/test/bftest.c:299:51:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    BF_set_key(&key, strlen(bf_key[n]), (unsigned char *)bf_key[n]);
data/openssl-3.0.0~~alpha4/test/bftest.c:318:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[8];
data/openssl-3.0.0~~alpha4/test/bftest.c:337:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[8];
data/openssl-3.0.0~~alpha4/test/bftest.c:350:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_in[40], cbc_out[40], iv[8];
data/openssl-3.0.0~~alpha4/test/bftest.c:366:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, cbc_iv, 8);
data/openssl-3.0.0~~alpha4/test/bftest.c:376:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_in[40], cbc_out[40], iv[8];
data/openssl-3.0.0~~alpha4/test/bftest.c:386:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, cbc_iv, 8);
data/openssl-3.0.0~~alpha4/test/bftest.c:396:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, cbc_iv, 8);
data/openssl-3.0.0~~alpha4/test/bftest.c:408:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_in[40], cbc_out[40], iv[8];
data/openssl-3.0.0~~alpha4/test/bftest.c:418:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, cbc_iv, 8);
data/openssl-3.0.0~~alpha4/test/bftest.c:428:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, cbc_iv, 8);
data/openssl-3.0.0~~alpha4/test/bio_callback_test.c:19:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *my_param_argp[MAXCOUNT];
data/openssl-3.0.0~~alpha4/test/bio_callback_test.c:48:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[16];
data/openssl-3.0.0~~alpha4/test/bio_enc_test.c:42:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char inp[BUF_SIZE] = { 0 };
data/openssl-3.0.0~~alpha4/test/bio_enc_test.c:43:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[BUF_SIZE], ref[BUF_SIZE];
data/openssl-3.0.0~~alpha4/test/bio_memleak_test.c:22:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[100];
data/openssl-3.0.0~~alpha4/test/bio_memleak_test.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[16];
data/openssl-3.0.0~~alpha4/test/bio_memleak_test.c:111:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[16];
data/openssl-3.0.0~~alpha4/test/bio_memleak_test.c:152:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[16];
data/openssl-3.0.0~~alpha4/test/bio_memleak_test.c:188:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[16];
data/openssl-3.0.0~~alpha4/test/bio_prefix_text.c:74:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[4096];
data/openssl-3.0.0~~alpha4/test/bioprinttest.c:133:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bio_buf[80];
data/openssl-3.0.0~~alpha4/test/bioprinttest.c:162:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bio_buf[80];
data/openssl-3.0.0~~alpha4/test/bioprinttest.c:192:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char format[80], result[80];
data/openssl-3.0.0~~alpha4/test/bioprinttest.c:246:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[80];
data/openssl-3.0.0~~alpha4/test/casttest.c:27:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char k[16] = {
data/openssl-3.0.0~~alpha4/test/casttest.c:32:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char in[8] =
data/openssl-3.0.0~~alpha4/test/casttest.c:37:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char c[3][8] = {
data/openssl-3.0.0~~alpha4/test/casttest.c:43:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char in_a[16] = {
data/openssl-3.0.0~~alpha4/test/casttest.c:48:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char in_b[16] = {
data/openssl-3.0.0~~alpha4/test/casttest.c:53:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char c_a[16] = {
data/openssl-3.0.0~~alpha4/test/casttest.c:58:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char c_b[16] = {
data/openssl-3.0.0~~alpha4/test/casttest.c:67:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[80];
data/openssl-3.0.0~~alpha4/test/casttest.c:89:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out_a[16], out_b[16];
data/openssl-3.0.0~~alpha4/test/casttest.c:91:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out_a, in_a, sizeof(in_a));
data/openssl-3.0.0~~alpha4/test/casttest.c:92:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out_b, in_b, sizeof(in_b));
data/openssl-3.0.0~~alpha4/test/chacha_internal_test.c:162:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[sizeof(ref)];
data/openssl-3.0.0~~alpha4/test/chacha_internal_test.c:166:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + i, ref + i, sizeof(ref) - i);
data/openssl-3.0.0~~alpha4/test/cmactest.c:28:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char xtskey[32] = {
data/openssl-3.0.0~~alpha4/test/cmactest.c:35:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char key[32];
data/openssl-3.0.0~~alpha4/test/cmactest.c:37:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char data[64];
data/openssl-3.0.0~~alpha4/test/cmactest.c:110:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[AES_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/test/cmactest.c:172:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[AES_BLOCK_SIZE];
data/openssl-3.0.0~~alpha4/test/cmactest.c:202:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[80];
data/openssl-3.0.0~~alpha4/test/cmactest.c:205:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(&(buf[i * 2]), "%02x", md[i]);
data/openssl-3.0.0~~alpha4/test/cmp_asn_test.c:14:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
data/openssl-3.0.0~~alpha4/test/cmp_client_test.c:40:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char ref[CMP_TEST_REFVALUE_LENGTH];
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:205:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char str[16 /* = len */];
data/openssl-3.0.0~~alpha4/test/cmp_hdr_test.c:17:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
data/openssl-3.0.0~~alpha4/test/cmp_hdr_test.c:309:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[20];
data/openssl-3.0.0~~alpha4/test/cmp_hdr_test.c:406:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ref[CMP_TEST_REFVALUE_LENGTH];
data/openssl-3.0.0~~alpha4/test/cmp_msg_test.c:34:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char ref[CMP_TEST_REFVALUE_LENGTH];
data/openssl-3.0.0~~alpha4/test/cmp_msg_test.c:142:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char secret[16];
data/openssl-3.0.0~~alpha4/test/cmp_protect_test.c:70:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
data/openssl-3.0.0~~alpha4/test/cmp_vfy_test.c:79:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
data/openssl-3.0.0~~alpha4/test/cmp_vfy_test.c:489:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char trans_id[OSSL_CMP_TRANSACTIONID_LENGTH] = {
data/openssl-3.0.0~~alpha4/test/cmp_vfy_test.c:513:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char rec_nonce[OSSL_CMP_SENDERNONCE_LENGTH] = {
data/openssl-3.0.0~~alpha4/test/cmsapitest.c:32:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[80];
data/openssl-3.0.0~~alpha4/test/conf_include_test.c:155:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char max[(sizeof(long) * 8) / 3 + 3];
data/openssl-3.0.0~~alpha4/test/conf_include_test.c:158:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    p = max + sprintf(max, "0%ld", LONG_MAX) - 1;
data/openssl-3.0.0~~alpha4/test/ct_test.c:232:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char expected_sct_text[CT_TEST_MAX_FILE_SIZE];
data/openssl-3.0.0~~alpha4/test/d2i_test.c:49:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[2048];
data/openssl-3.0.0~~alpha4/test/danetest.c:157:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[1024];
data/openssl-3.0.0~~alpha4/test/destest.c:32:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char key_data[NUM_TESTS][8] = {
data/openssl-3.0.0~~alpha4/test/destest.c:69:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char plain_data[NUM_TESTS][8] = {
data/openssl-3.0.0~~alpha4/test/destest.c:106:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cipher_data[NUM_TESTS][8] = {
data/openssl-3.0.0~~alpha4/test/destest.c:143:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cipher_ecb2[NUM_TESTS - 1][8] = {
data/openssl-3.0.0~~alpha4/test/destest.c:179:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc_key[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:181:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc2_key[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:183:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc3_key[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:185:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc_iv[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:192:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc_data[40] = {
data/openssl-3.0.0~~alpha4/test/destest.c:200:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc_ok[32] = {
data/openssl-3.0.0~~alpha4/test/destest.c:210:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc2_key[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:212:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char xcbc_ok[32] = {
data/openssl-3.0.0~~alpha4/test/destest.c:219:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char xcbc_ok[32] = {
data/openssl-3.0.0~~alpha4/test/destest.c:227:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc3_ok[32] = {
data/openssl-3.0.0~~alpha4/test/destest.c:234:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char pcbc_ok[32] = {
data/openssl-3.0.0~~alpha4/test/destest.c:241:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cfb_key[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:243:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cfb_iv[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:245:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
data/openssl-3.0.0~~alpha4/test/destest.c:246:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char plain[24] = {
data/openssl-3.0.0~~alpha4/test/destest.c:253:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cfb_cipher8[24] = {
data/openssl-3.0.0~~alpha4/test/destest.c:258:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cfb_cipher16[24] = {
data/openssl-3.0.0~~alpha4/test/destest.c:263:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cfb_cipher32[24] = {
data/openssl-3.0.0~~alpha4/test/destest.c:268:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cfb_cipher48[24] = {
data/openssl-3.0.0~~alpha4/test/destest.c:273:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cfb_cipher64[24] = {
data/openssl-3.0.0~~alpha4/test/destest.c:278:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char ofb_key[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:280:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char ofb_iv[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:282:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char ofb_buf1[24], ofb_buf2[24], ofb_tmp[8];
data/openssl-3.0.0~~alpha4/test/destest.c:283:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char ofb_cipher[24] = {
data/openssl-3.0.0~~alpha4/test/destest.c:289:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cbc_cksum_data[8] =
data/openssl-3.0.0~~alpha4/test/destest.c:292:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char *pt(const unsigned char *p, char buf[DATA_BUF_SIZE])
data/openssl-3.0.0~~alpha4/test/destest.c:292:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char *pt(const unsigned char *p, char buf[DATA_BUF_SIZE])
data/openssl-3.0.0~~alpha4/test/destest.c:292:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char *pt(const unsigned char *p, char buf[DATA_BUF_SIZE])
data/openssl-3.0.0~~alpha4/test/destest.c:311:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE];
data/openssl-3.0.0~~alpha4/test/destest.c:314:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(in, plain_data[i], 8);
data/openssl-3.0.0~~alpha4/test/destest.c:337:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE];
data/openssl-3.0.0~~alpha4/test/destest.c:342:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(in, plain_data[i], 8);
data/openssl-3.0.0~~alpha4/test/destest.c:363:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_in[40];
data/openssl-3.0.0~~alpha4/test/destest.c:364:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_out[40];
data/openssl-3.0.0~~alpha4/test/destest.c:373:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:379:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:389:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_in[40];
data/openssl-3.0.0~~alpha4/test/destest.c:390:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_out[40];
data/openssl-3.0.0~~alpha4/test/destest.c:397:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:402:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:412:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_in[40];
data/openssl-3.0.0~~alpha4/test/destest.c:413:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_out[40];
data/openssl-3.0.0~~alpha4/test/destest.c:425:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:434:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:442:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_out[40];
data/openssl-3.0.0~~alpha4/test/destest.c:448:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, cbc_iv, sizeof(cbc_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:457:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_out[40];
data/openssl-3.0.0~~alpha4/test/destest.c:463:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, cbc_iv, sizeof(cbc_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:488:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_in[40];
data/openssl-3.0.0~~alpha4/test/destest.c:489:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbc_out[40];
data/openssl-3.0.0~~alpha4/test/destest.c:511:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:516:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:552:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:559:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:567:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:574:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:587:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:595:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:609:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:614:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:627:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:636:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:650:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:660:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
data/openssl-3.0.0~~alpha4/test/destest.c:671:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cret[8];
data/openssl-3.0.0~~alpha4/test/drbg_extra_test.c:23:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char zerobuff[32];
data/openssl-3.0.0~~alpha4/test/drbg_extra_test.c:44:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buff[BUFFSIZE];
data/openssl-3.0.0~~alpha4/test/drbg_extra_test.h:29:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char expected128[BUFFSIZE] = {
data/openssl-3.0.0~~alpha4/test/drbg_extra_test.h:80:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char expected192[BUFFSIZE] = {
data/openssl-3.0.0~~alpha4/test/drbg_extra_test.h:131:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char expected256[BUFFSIZE] = {
data/openssl-3.0.0~~alpha4/test/drbgtest.c:290:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buff[1024];
data/openssl-3.0.0~~alpha4/test/drbgtest.c:416:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buff[1024];
data/openssl-3.0.0~~alpha4/test/drbgtest.c:646:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[32];
data/openssl-3.0.0~~alpha4/test/drbgtest.c:762:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char rand_add_buf[256];
data/openssl-3.0.0~~alpha4/test/drbgtest.c:884:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[256];
data/openssl-3.0.0~~alpha4/test/drbgtest.c:987:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf1[51], buf2[sizeof(buf1)];
data/openssl-3.0.0~~alpha4/test/dsa_no_digest_size_test.c:150:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(paddedData, dataToSign, digestlen);
data/openssl-3.0.0~~alpha4/test/dsa_no_digest_size_test.c:152:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(paddedData + digestlen - len, dataToSign, len);
data/openssl-3.0.0~~alpha4/test/dsatest.c:40:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[256];
data/openssl-3.0.0~~alpha4/test/dsatest.c:42:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sig[256];
data/openssl-3.0.0~~alpha4/test/dsatest.c:49:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char seed[20] = {
data/openssl-3.0.0~~alpha4/test/dsatest.c:155:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seed_out[32];
data/openssl-3.0.0~~alpha4/test/dsatest.c:156:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char group_out[32];
data/openssl-3.0.0~~alpha4/test/dtls_mtu_test.c:58:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[600];
data/openssl-3.0.0~~alpha4/test/dtlstest.c:253:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cookie, dummy_cookie, sizeof(dummy_cookie));
data/openssl-3.0.0~~alpha4/test/ecdsatest.c:34:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *numbers[2];
data/openssl-3.0.0~~alpha4/test/ecdsatest.c:105:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char digest[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/test/ecdsatest.c:224:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char dirt, offset, tbs[128];
data/openssl-3.0.0~~alpha4/test/ectest.c:171:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[100];
data/openssl-3.0.0~~alpha4/test/ectest.c:942:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[100];
data/openssl-3.0.0~~alpha4/test/enginetest.c:47:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *eid[NUMTOADD];
data/openssl-3.0.0~~alpha4/test/enginetest.c:48:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ename[NUMTOADD];
data/openssl-3.0.0~~alpha4/test/enginetest.c:49:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/openssl-3.0.0~~alpha4/test/enginetest.c:145:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "id%d", loop);
data/openssl-3.0.0~~alpha4/test/enginetest.c:147:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "Fake engine type %d", loop);
data/openssl-3.0.0~~alpha4/test/errtest.c:35:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char expected[256];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:509:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[EVP_MAX_IV_LENGTH];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:512:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[32], plaintext[16];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1076:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[80];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1089:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        in = (unsigned char *)keys[tst].pub;
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1105:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        in = (unsigned char *)keys[tst].priv;
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1271:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[20];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1315:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[20];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1393:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mdname[OSSL_MAX_NAME_SIZE];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1394:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ssl3ms[48];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1423:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(mdname, "SHA512");
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1582:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char key[32] = {
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1587:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[12] = {
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1591:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[80];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1592:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char plaintext[80];
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1782:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[sizeof(seed)];
data/openssl-3.0.0~~alpha4/test/evp_fetch_prov_test.c:60:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[SHA256_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/test/evp_fetch_prov_test.c:175:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[128 / 8];
data/openssl-3.0.0~~alpha4/test/evp_fetch_prov_test.c:176:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ct[64], pt[64];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:34:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[16];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:36:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:65:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[10];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:67:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:95:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[25];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:100:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:169:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[64];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:171:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:212:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[14];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:225:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:251:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[1024 / 8];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:269:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:327:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char iv[16] = { 0 };
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:328:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char result[16] = { 0 };
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:393:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char iv[16] = { 0 };
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:394:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char result[32] = { 0 };
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:446:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char result[sizeof(output)] = { 0 };
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:491:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char result[sizeof(output)] = { 0 };
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:520:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[16];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:531:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:563:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[64];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:575:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:610:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[8];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:636:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:705:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[24];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:711:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:742:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[16];
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:750:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:50:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[80];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[4096];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:353:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char n_data[2050];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:407:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name_out[80];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:408:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seed_out[32];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:547:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name_out[80];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:548:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seed_out[32];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:691:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out_pub[ED448_KEYLEN];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:692:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out_priv[ED448_KEYLEN];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:695:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:919:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out_pub[sizeof(ec_pub_keydata)];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:920:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char out_curve_name[80];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:1003:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name_out[80];
data/openssl-3.0.0~~alpha4/test/evp_pkey_provided_test.c:1004:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char seed_out[32];
data/openssl-3.0.0~~alpha4/test/evp_test.c:160:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    int ncopy = atoi(value);
data/openssl-3.0.0~~alpha4/test/evp_test.c:173:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, db->buf, db->buflen);
data/openssl-3.0.0~~alpha4/test/evp_test.c:188:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    int count = atoi(value);
data/openssl-3.0.0~~alpha4/test/evp_test.c:389:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        return (mdata->pad_type = atoi(value)) > 0;
data/openssl-3.0.0~~alpha4/test/evp_test.c:514:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char *aad[AAD_NUM];
data/openssl-3.0.0~~alpha4/test/evp_test.c:582:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        i = atoi(value);
data/openssl-3.0.0~~alpha4/test/evp_test.c:595:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        i = atoi(value);
data/openssl-3.0.0~~alpha4/test/evp_test.c:668:14:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        in = memcpy(tmp + out_misalign, in, in_len);
data/openssl-3.0.0~~alpha4/test/evp_test.c:683:14:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH +
data/openssl-3.0.0~~alpha4/test/evp_test.c:852:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char rtag[16];
data/openssl-3.0.0~~alpha4/test/evp_test.c:900:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        static char aux_err[64];
data/openssl-3.0.0~~alpha4/test/evp_test.c:1764:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        pdata->iter = atoi(value);
data/openssl-3.0.0~~alpha4/test/evp_test.c:1784:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        pdata->id = atoi(value);
data/openssl-3.0.0~~alpha4/test/evp_test.c:2159:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        n = atoi(++p);
data/openssl-3.0.0~~alpha4/test/evp_test.c:2199:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            rdata->use_df = atoi(value) != 0;
data/openssl-3.0.0~~alpha4/test/evp_test.c:2203:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            if ((n = atoi(value)) <= 0 || n % 8 != 0)
data/openssl-3.0.0~~alpha4/test/evp_test.c:2209:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            rdata->prediction_resistance = atoi(value) != 0;
data/openssl-3.0.0~~alpha4/test/fatalerrtest.c:26:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[80];
data/openssl-3.0.0~~alpha4/test/handshake_helper.c:358:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*out + 1, protos, len);
data/openssl-3.0.0~~alpha4/test/hexstr_test.c:117:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char out[64];
data/openssl-3.0.0~~alpha4/test/hexstr_test.c:118:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[64];
data/openssl-3.0.0~~alpha4/test/hmactest.c:36:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char key[16];
data/openssl-3.0.0~~alpha4/test/hmactest.c:38:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char data[64];
data/openssl-3.0.0~~alpha4/test/hmactest.c:134:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/test/hmactest.c:224:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/test/hmactest.c:254:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[80];
data/openssl-3.0.0~~alpha4/test/hmactest.c:257:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(&(buf[i * 2]), "%02x", md[i]);
data/openssl-3.0.0~~alpha4/test/ideatest.c:25:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char k[16] = {
data/openssl-3.0.0~~alpha4/test/ideatest.c:30:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const  unsigned char in[8] = { 0x00, 0x00, 0x00, 0x01, 0x00, 0x02, 0x00, 0x03 };
data/openssl-3.0.0~~alpha4/test/ideatest.c:31:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char c[8] = { 0x11, 0xFB, 0xED, 0x2B, 0x01, 0x98, 0x6D, 0xE5 };
data/openssl-3.0.0~~alpha4/test/ideatest.c:33:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char out[80];
data/openssl-3.0.0~~alpha4/test/ideatest.c:37:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char cfb_key[16] = {
data/openssl-3.0.0~~alpha4/test/ideatest.c:41:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char cfb_iv[80] =
data/openssl-3.0.0~~alpha4/test/ideatest.c:43:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
data/openssl-3.0.0~~alpha4/test/ideatest.c:45:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char plain[CFB_TEST_SIZE] = {
data/openssl-3.0.0~~alpha4/test/ideatest.c:52:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char cfb_cipher64[CFB_TEST_SIZE] = {
data/openssl-3.0.0~~alpha4/test/ideatest.c:78:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[IDEA_BLOCK];
data/openssl-3.0.0~~alpha4/test/igetest.c:30:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rkey[16];
data/openssl-3.0.0~~alpha4/test/igetest.c:31:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rkey2[16];
data/openssl-3.0.0~~alpha4/test/igetest.c:32:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char plaintext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:33:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char saved_iv[AES_BLOCK_SIZE * 4];
data/openssl-3.0.0~~alpha4/test/igetest.c:38:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char key[16];
data/openssl-3.0.0~~alpha4/test/igetest.c:39:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char iv[32];
data/openssl-3.0.0~~alpha4/test/igetest.c:40:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char in[MAX_VECTOR_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:41:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char out[MAX_VECTOR_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:81:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char key1[32];
data/openssl-3.0.0~~alpha4/test/igetest.c:82:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char key2[32];
data/openssl-3.0.0~~alpha4/test/igetest.c:83:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char iv[64];
data/openssl-3.0.0~~alpha4/test/igetest.c:84:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char in[MAX_VECTOR_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:85:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char out[MAX_VECTOR_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:153:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_VECTOR_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:154:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE * 2];
data/openssl-3.0.0~~alpha4/test/igetest.c:177:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, v->in, v->length);
data/openssl-3.0.0~~alpha4/test/igetest.c:196:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_VECTOR_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:226:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE * 4];
data/openssl-3.0.0~~alpha4/test/igetest.c:227:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:228:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char checktext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:244:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE * 4];
data/openssl-3.0.0~~alpha4/test/igetest.c:245:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:246:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char checktext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:266:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE * 4];
data/openssl-3.0.0~~alpha4/test/igetest.c:267:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:268:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char checktext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:292:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE * 4];
data/openssl-3.0.0~~alpha4/test/igetest.c:293:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:294:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char checktext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:330:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE * 4];
data/openssl-3.0.0~~alpha4/test/igetest.c:331:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:332:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char checktext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:351:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE * 4];
data/openssl-3.0.0~~alpha4/test/igetest.c:352:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:353:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char checktext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:382:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE * 4];
data/openssl-3.0.0~~alpha4/test/igetest.c:383:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:384:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char checktext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:413:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[AES_BLOCK_SIZE * 4];
data/openssl-3.0.0~~alpha4/test/igetest.c:414:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ciphertext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/igetest.c:415:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char checktext[BIG_TEST_SIZE];
data/openssl-3.0.0~~alpha4/test/mdc2_internal_test.c:27:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char expected[MDC2_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/test/mdc2_internal_test.c:55:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[MDC2_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/test/mdc2test.c:36:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char pad1[16] = {
data/openssl-3.0.0~~alpha4/test/mdc2test.c:41:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char pad2[16] = {
data/openssl-3.0.0~~alpha4/test/mdc2test.c:50:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[MDC2_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/test/memleaktest.c:50:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(lost, "ab");
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:39:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char cts128_test_key[16] = "chicken teriyaki";
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:40:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char cts128_test_input[64] =
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:46:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char vector_17[17] = {
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:52:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char vector_31[31] = {
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:59:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char vector_32[32] = {
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:66:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char vector_47[47] = {
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:75:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char vector_48[48] = {
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:84:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char vector_64[64] = {
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:136:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    size_t (*encrypt_block)(const unsigned char *in,
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:137:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:138:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            const void *key, unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:140:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    size_t (*encrypt_stream)(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:140:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    size_t (*encrypt_stream)(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:142:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], cbc128_f cbc);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:143:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    size_t (*decrypt_block)(const unsigned char *in,
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:144:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            unsigned char *out, size_t len,
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:145:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            const void *key, unsigned char ivec[16],
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:147:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    size_t (*decrypt_stream)(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:147:64:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    size_t (*decrypt_stream)(const unsigned char *in, unsigned char *out,
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:149:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             unsigned char ivec[16], cbc128_f cbc);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:157:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, len);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:173:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, len);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:175:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out + len, in + len + 16, tail);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:176:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out + len + tail, in + len, 16);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:192:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[16];
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:194:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cleartext[64], ciphertext[64], vector[64];
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:202:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, test_iv, test_iv_len);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:211:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, test_iv, test_iv_len);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:221:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, test_iv, test_iv_len);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:231:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, test_iv, test_iv_len);
data/openssl-3.0.0~~alpha4/test/modes_internal_test.c:846:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[512];
data/openssl-3.0.0~~alpha4/test/ocspapitest.c:73:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char keybytes[128] = {7};
data/openssl-3.0.0~~alpha4/test/ossl_shim/ossl_shim.cc:294:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out_psk, config->psk.data(), config->psk.size());
data/openssl-3.0.0~~alpha4/test/ossl_shim/ossl_shim.cc:312:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out_psk, config->psk.data(), config->psk.size());
data/openssl-3.0.0~~alpha4/test/ossl_shim/ossl_shim.cc:391:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(key_name, kZeros, sizeof(kZeros));
data/openssl-3.0.0~~alpha4/test/ossl_shim/ossl_shim.cc:533:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[1024];
data/openssl-3.0.0~~alpha4/test/ossl_shim/packeted_bio.cc:207:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, buf, outl);
data/openssl-3.0.0~~alpha4/test/ossl_shim/packeted_bio.cc:215:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&GetData(bio)->read_deadline, ptr, sizeof(timeval));
data/openssl-3.0.0~~alpha4/test/ossl_shim/test_config.cc:185:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      *int_field = atoi(argv[i]);
data/openssl-3.0.0~~alpha4/test/p_test.c:75:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf[256];
data/openssl-3.0.0~~alpha4/test/p_test.c:91:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(buf, "Howdy stranger...");
data/openssl-3.0.0~~alpha4/test/packettest.c:15:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char smbuf[BUF_LEN];
data/openssl-3.0.0~~alpha4/test/packettest.c:180:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char bytes[4];
data/openssl-3.0.0~~alpha4/test/packettest.c:204:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tmp[BUF_LEN];
data/openssl-3.0.0~~alpha4/test/packettest.c:243:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf1[10], buf2[10];
data/openssl-3.0.0~~alpha4/test/packettest.c:270:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf1[10], buf2[10];
data/openssl-3.0.0~~alpha4/test/packettest.c:305:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf1[BUF_LEN];
data/openssl-3.0.0~~alpha4/test/packettest.c:350:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf1[BUF_LEN];
data/openssl-3.0.0~~alpha4/test/packettest.c:375:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf1[1024];
data/openssl-3.0.0~~alpha4/test/packettest.c:399:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf1[1024];
data/openssl-3.0.0~~alpha4/test/packettest.c:423:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf1[BUF_LEN];
data/openssl-3.0.0~~alpha4/test/packettest.c:447:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[1024];
data/openssl-3.0.0~~alpha4/test/param_build_test.c:207:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char names[100][3];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:26:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        out[j] = ((unsigned char *)in)[len - j - 1];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:42:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, len);
data/openssl-3.0.0~~alpha4/test/params_api_test.c:49:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char value[MAX_LEN];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:67:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:143:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(int)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:170:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(long int)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:197:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(unsigned int)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:223:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(unsigned long int)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:250:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(int32_t)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:277:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(uint32_t)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:304:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(int64_t)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:331:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(uint64_t)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:358:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(size_t)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:385:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], cmp[sizeof(size_t)];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:411:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[MAX_LEN], bnbuf[MAX_LEN];
data/openssl-3.0.0~~alpha4/test/params_api_test.c:458:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char bn_val[16] = {
data/openssl-3.0.0~~alpha4/test/params_api_test.c:463:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[100], buf2[100], *bufp, *bufp2;
data/openssl-3.0.0~~alpha4/test/params_api_test.c:464:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ubuf[100];
data/openssl-3.0.0~~alpha4/test/params_test.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char p5[256];
data/openssl-3.0.0~~alpha4/test/params_test.c:306:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char bignumbin[4096]; /* "p3" */
data/openssl-3.0.0~~alpha4/test/params_test.c:307:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char app_p4[256];              /* "p4" */
data/openssl-3.0.0~~alpha4/test/params_test.c:308:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char app_p5[256];              /* "p5" */
data/openssl-3.0.0~~alpha4/test/params_test.c:310:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char foo[1];          /* "foo" */
data/openssl-3.0.0~~alpha4/test/pkey_meth_kdf_test.c:23:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[16];
data/openssl-3.0.0~~alpha4/test/pkey_meth_kdf_test.c:52:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/pkey_meth_kdf_test.c:70:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[10];
data/openssl-3.0.0~~alpha4/test/pkey_meth_kdf_test.c:103:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/pkey_meth_kdf_test.c:121:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[64];
data/openssl-3.0.0~~alpha4/test/pkey_meth_kdf_test.c:170:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        const unsigned char expected[sizeof(out)] = {
data/openssl-3.0.0~~alpha4/test/poly1305_internal_test.c:21:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char data[1024];
data/openssl-3.0.0~~alpha4/test/poly1305_internal_test.c:1515:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[16];
data/openssl-3.0.0~~alpha4/test/property_test.c:332:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            || !TEST_str_eq((char *)result, queries[i].expected)) {
data/openssl-3.0.0~~alpha4/test/property_test.c:350:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[50];
data/openssl-3.0.0~~alpha4/test/provider_internal_test.c:17:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char buf[256];
data/openssl-3.0.0~~alpha4/test/provider_internal_test.c:42:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char expected_greeting[256] = "";
data/openssl-3.0.0~~alpha4/test/provider_test.c:16:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char buf[256];
data/openssl-3.0.0~~alpha4/test/provider_test.c:26:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char expected_greeting[256];
data/openssl-3.0.0~~alpha4/test/rc2test.c:22:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char RC2key[4][16] = {
data/openssl-3.0.0~~alpha4/test/rc2test.c:33:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char RC2plain[4][8] = {
data/openssl-3.0.0~~alpha4/test/rc2test.c:40:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char RC2cipher[4][8] = {
data/openssl-3.0.0~~alpha4/test/rc2test.c:51:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[8], buf2[8];
data/openssl-3.0.0~~alpha4/test/rc4test.c:25:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char keys[6][30] = {
data/openssl-3.0.0~~alpha4/test/rc4test.c:34:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char data_len[6] = { 8, 8, 8, 20, 28, 10 };
data/openssl-3.0.0~~alpha4/test/rc4test.c:36:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char data[6][30] = {
data/openssl-3.0.0~~alpha4/test/rc4test.c:50:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char output[6][30] = {
data/openssl-3.0.0~~alpha4/test/rc4test.c:66:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char obuf[512];
data/openssl-3.0.0~~alpha4/test/rc4test.c:77:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char obuf[512];
data/openssl-3.0.0~~alpha4/test/rc4test.c:90:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char obuf[512];
data/openssl-3.0.0~~alpha4/test/rc4test.c:103:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[513];
data/openssl-3.0.0~~alpha4/test/rc4test.c:105:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md[SHA_DIGEST_LENGTH];
data/openssl-3.0.0~~alpha4/test/rc5test.c:24:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char RC5key[5][16] = {
data/openssl-3.0.0~~alpha4/test/rc5test.c:37:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char RC5plain[5][8] = {
data/openssl-3.0.0~~alpha4/test/rc5test.c:45:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char RC5cipher[5][8] = {
data/openssl-3.0.0~~alpha4/test/rc5test.c:54:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rc5_cbc_cipher[RC5_CBC_NUM][8] = {
data/openssl-3.0.0~~alpha4/test/rc5test.c:84:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rc5_cbc_key[RC5_CBC_NUM][17] = {
data/openssl-3.0.0~~alpha4/test/rc5test.c:117:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rc5_cbc_plain[RC5_CBC_NUM][8] = {
data/openssl-3.0.0~~alpha4/test/rc5test.c:154:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char rc5_cbc_iv[RC5_CBC_NUM][8] = {
data/openssl-3.0.0~~alpha4/test/rc5test.c:188:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[8], buf2[8];
data/openssl-3.0.0~~alpha4/test/rc5test.c:209:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[8], buf2[8], ivb[8];
data/openssl-3.0.0~~alpha4/test/rc5test.c:217:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ivb, &rc5_cbc_iv[n][0], 8);
data/openssl-3.0.0~~alpha4/test/rc5test.c:225:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ivb, &rc5_cbc_iv[n][0], 8);
data/openssl-3.0.0~~alpha4/test/rdrand_sanitytest.c:27:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char prior[31] = {0}, buf[31] = {0}, check[7];
data/openssl-3.0.0~~alpha4/test/rdrand_sanitytest.c:66:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(prior, buf, sizeof(buf));
data/openssl-3.0.0~~alpha4/test/recordlentest.c:29:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char header[SSL3_RT_HEADER_LENGTH];
data/openssl-3.0.0~~alpha4/test/recordlentest.c:31:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[256];
data/openssl-3.0.0~~alpha4/test/rsa_mp_test.c:255:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ptext[256];
data/openssl-3.0.0~~alpha4/test/rsa_mp_test.c:256:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ctext[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:53:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(c, ctext_ex, sizeof(ctext_ex) - 1);                  \
data/openssl-3.0.0~~alpha4/test/rsa_test.c:253:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ptext[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:254:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ctext[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:256:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ctext_ex[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:283:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ptext[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:284:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ctext[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:286:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ctext_ex[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:313:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ptext[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:314:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ctext[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:316:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ctext_ex[256];
data/openssl-3.0.0~~alpha4/test/rsa_test.c:394:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static const unsigned char vals[8] = {
data/openssl-3.0.0~~alpha4/test/rsa_test.c:402:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char num[2000];
data/openssl-3.0.0~~alpha4/test/sanitytest.c:17:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bytes[sizeof(p)];
data/openssl-3.0.0~~alpha4/test/shlibloadtest.c:111:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *atexit_file = fopen(path_atexit, "w");
data/openssl-3.0.0~~alpha4/test/siphash_internal_test.c:23:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char data[64];
data/openssl-3.0.0~~alpha4/test/siphash_internal_test.c:174:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[SIPHASH_KEY_SIZE];
data/openssl-3.0.0~~alpha4/test/siphash_internal_test.c:175:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char in[64];
data/openssl-3.0.0~~alpha4/test/siphash_internal_test.c:179:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out[SIPHASH_MAX_DIGEST_SIZE];
data/openssl-3.0.0~~alpha4/test/siphash_internal_test.c:261:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[SIPHASH_KEY_SIZE];
data/openssl-3.0.0~~alpha4/test/siphash_internal_test.c:262:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char output[SIPHASH_MAX_DIGEST_SIZE];
data/openssl-3.0.0~~alpha4/test/sm4_internal_test.c:58:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(block, input, SM4_BLOCK_SIZE);
data/openssl-3.0.0~~alpha4/test/srptest.c:37:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char rand_tmp[RANDOM_SIZE];
data/openssl-3.0.0~~alpha4/test/ssl_test.c:403:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char test_app[MAX_TESTCASE_NAME_LENGTH];
data/openssl-3.0.0~~alpha4/test/ssl_test_ctx.c:61:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        ctx->field = atoi(value);                                       \
data/openssl-3.0.0~~alpha4/test/sslapitest.c:86:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char server_log_buffer[LOG_BUFFER_SIZE + 1] = {0};
data/openssl-3.0.0~~alpha4/test/sslapitest.c:88:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char client_log_buffer[LOG_BUFFER_SIZE + 1] = {0};
data/openssl-3.0.0~~alpha4/test/sslapitest.c:184:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hexed[3];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:190:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(hexed, "%02x", raw[i]);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:204:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char actual_client_random[SSL3_RANDOM_SIZE] = {0};
data/openssl-3.0.0~~alpha4/test/sslapitest.c:206:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char actual_master_key[SSL_MAX_MASTER_KEY_LENGTH] = {0};
data/openssl-3.0.0~~alpha4/test/sslapitest.c:437:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[1];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:878:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char cbuf[16000] = {0};
data/openssl-3.0.0~~alpha4/test/sslapitest.c:879:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sbuf[16000];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:881:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char crec_wseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:882:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char crec_wseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:883:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char crec_rseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:884:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char crec_rseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:885:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char srec_wseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:886:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char srec_wseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:887:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char srec_rseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:888:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char srec_rseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:891:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(crec_wseq_before, &clientssl->rlayer.write_sequence, rec_seq_size);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:892:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(crec_rseq_before, &clientssl->rlayer.read_sequence, rec_seq_size);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:893:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(srec_wseq_before, &serverssl->rlayer.write_sequence, rec_seq_size);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:894:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(srec_rseq_before, &serverssl->rlayer.read_sequence, rec_seq_size);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:914:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(crec_wseq_after, &clientssl->rlayer.write_sequence, rec_seq_size);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:915:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(crec_rseq_after, &clientssl->rlayer.read_sequence, rec_seq_size);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:916:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(srec_wseq_after, &serverssl->rlayer.write_sequence, rec_seq_size);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:917:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(srec_rseq_after, &serverssl->rlayer.read_sequence, rec_seq_size);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:2446:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c, buf[1];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3214:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[20], data[1024];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3445:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[20];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3580:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[20];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3767:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[20];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3858:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[20];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4030:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[20];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4133:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[20];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4192:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[20];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5013:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cookie, cookie_magic_value, sizeof(cookie_magic_value) - 1);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5529:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char label[LONG_LABEL_LEN + 1] = "test label";
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5532:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ckeymat1[80], ckeymat2[80], ckeymat3[80];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5533:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char skeymat1[80], skeymat2[80], skeymat3[80];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5685:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char ckeymat1[80], ckeymat2[80];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5686:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char skeymat1[80], skeymat2[80];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5687:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[1];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5756:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[20];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5815:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[20];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6515:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char buf[80];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6604:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[5];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6744:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6880:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static int tick_key_cb(SSL *s, unsigned char key_name[16],
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6881:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       unsigned char iv[EVP_MAX_IV_LENGTH], EVP_CIPHER_CTX *ctx,
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6884:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char tick_aes_key[16] = "0123456789abcdef";
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6885:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char tick_hmac_key[16] = "0123456789abcdef";
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6909:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static int tick_key_evp_cb(SSL *s, unsigned char key_name[16],
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6910:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                           unsigned char iv[EVP_MAX_IV_LENGTH],
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6913:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const unsigned char tick_aes_key[16] = "0123456789abcdef";
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6914:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char tick_hmac_key[16] = "0123456789abcdef";
data/openssl-3.0.0~~alpha4/test/sslapitest.c:7120:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[80];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:7180:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[80];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:7625:68:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                                         (unsigned char *)
data/openssl-3.0.0~~alpha4/test/sslapitest.c:7770:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char msg[MULTIBLOCK_FRAGSIZE * 9];
data/openssl-3.0.0~~alpha4/test/sslapitest.c:7771:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[sizeof(msg)], *p = buf;
data/openssl-3.0.0~~alpha4/test/sslbuffertest.c:53:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(testdata)];
data/openssl-3.0.0~~alpha4/test/sslcorrupttest.c:186:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char junk[16000] = { 0 };
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:331:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(alpn_selected, *out, *outlen);
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:1040:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            number = atoi(*(++argv));
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:1046:21:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            bytes = atol(*(++argv));
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:1192:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            should_reuse = !!atoi(*(++argv));
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:1911:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char addr_str[40];
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:2002:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char cbuf[1024 * 8];
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:2081:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char sbuf[1024 * 8];
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:2264:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char cbuf[1024 * 8];
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:2343:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char sbuf[1024 * 8];
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:2848:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *s, buf[256];
data/openssl-3.0.0~~alpha4/test/ssltestlib.c:409:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, thispkt->data, outl);
data/openssl-3.0.0~~alpha4/test/ssltestlib.c:463:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(thispkt->data, in + len, inl - len);
data/openssl-3.0.0~~alpha4/test/ssltestlib.c:466:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(thispkt->data, in, inl);
data/openssl-3.0.0~~alpha4/test/ssltestlib.c:974:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char buf[20];
data/openssl-3.0.0~~alpha4/test/stack_test.c:259:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(q, p, sizeof(*q));
data/openssl-3.0.0~~alpha4/test/test_test.c:456:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[4] = { 0 }, *p = buf;
data/openssl-3.0.0~~alpha4/test/testutil.h:517:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[4096];            /* Input buffer for a single key/value */
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:106:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        level = 4 * atoi(TAP_levels);
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:109:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        set_seed(atoi(test_seed));
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:141:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            single_test = atoi(name);
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:47:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char b1[MAX_STRING_WIDTH + 1], b2[MAX_STRING_WIDTH + 1];
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:48:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bdiff[MAX_STRING_WIDTH + 1];
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:271:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char b1[MAX_STRING_WIDTH + 1], b2[MAX_STRING_WIDTH + 1];
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:272:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *p, bdiff[MAX_STRING_WIDTH + 1];
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:277:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buffer[MEM_BUFFER_SIZE * 2], *bufp = buffer;
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:390:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char buf[BN_OUTPUT_SIZE];
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:391:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char out[2 * sizeof(buf) + 1];
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:430:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char b1[MAX_STRING_WIDTH + 1], b2[MAX_STRING_WIDTH + 1];
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:431:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *p, bdiff[MAX_STRING_WIDTH + 1];
data/openssl-3.0.0~~alpha4/test/testutil/stanza.c:43:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpbuf[128];
data/openssl-3.0.0~~alpha4/test/testutil/testutil_init.c:27:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[256], *hex;
data/openssl-3.0.0~~alpha4/test/tls-provider.c:31:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char private_constant[XOR_KEY_SIZE] = {
data/openssl-3.0.0~~alpha4/test/tls-provider.c:38:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char privkey[XOR_KEY_SIZE];
data/openssl-3.0.0~~alpha4/test/tls-provider.c:39:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char pubkey[XOR_KEY_SIZE];
data/openssl-3.0.0~~alpha4/test/tls-provider.c:240:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(tokey->pubkey, fromkey->pubkey, XOR_KEY_SIZE);
data/openssl-3.0.0~~alpha4/test/tls-provider.c:248:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(tokey->privkey, fromkey->privkey, XOR_KEY_SIZE);
data/openssl-3.0.0~~alpha4/test/tls-provider.c:276:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p->data, key->pubkey, XOR_KEY_SIZE);
data/openssl-3.0.0~~alpha4/test/tls-provider.c:304:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(key->pubkey, p->data, XOR_KEY_SIZE);
data/openssl-3.0.0~~alpha4/test/tls13ccstest.c:24:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char chsessid[SSL_MAX_SSL_SESSION_ID_LENGTH];
data/openssl-3.0.0~~alpha4/test/tls13ccstest.c:249:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[80];
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:27:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *plaintext[3];
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:28:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *ciphertext[3];
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:202:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char *multihexstr2buf(const char *str[3], size_t *len)
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:202:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char *multihexstr2buf(const char *str[3], size_t *len)
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:259:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rec->data, pt, ptlen);
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:261:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(seq, sq, SEQ_NUM_SIZE);
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:263:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(iv, ivtmp, ivlen);
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:358:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(RECORD_LAYER_get_write_sequence(&s->rlayer),
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:360:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(s->write_iv, s->read_iv, ivlen);
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:145:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, hs_full_hash, sizeof(hs_full_hash));
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:148:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, hs_start_hash, sizeof(hs_start_hash));
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:232:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char gensecret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:233:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:234:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char key[KEYLEN];
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:235:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char iv[IVLEN];
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:277:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char out_master_secret[EVP_MAX_MD_SIZE];
data/openssl-3.0.0~~alpha4/test/uitest.c:36:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pass[16];
data/openssl-3.0.0~~alpha4/test/uitest.c:78:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pass[16];
data/openssl-3.0.0~~alpha4/test/v3nametest.c:272:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msg[1024];
data/openssl-3.0.0~~alpha4/test/v3nametest.c:297:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(name, *pname, namelen);
data/openssl-3.0.0~~alpha4/test/wpackettest.c:42:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sbuf[3];
data/openssl-3.0.0~~alpha4/test/wpackettest.c:359:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char sbuf[1024];
data/openssl-3.0.0~~alpha4/test/wpackettest.c:361:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char testdata2[259]  = { 0x82, 0x01, 0x00 };
data/openssl-3.0.0~~alpha4/test/x509_time_test.c:458:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char d[16];
data/openssl-3.0.0~~alpha4/util/check-format-test-negatives.c:194:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char trans_id[OSSL_CMP_TRANSACTIONID_LENGTH] = {
data/openssl-3.0.0~~alpha4/util/check-format-test-negatives.c:197:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char trans_id[OSSL_CMP_TRANSACTIONID_LENGTH] =
data/openssl-3.0.0~~alpha4/apps/ca.c:700:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        j = strlen(p);
data/openssl-3.0.0~~alpha4/apps/ca.c:2214:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t serial_len = strlen(serial);
data/openssl-3.0.0~~alpha4/apps/ca.c:2429:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i += strlen(reason) + 1;
data/openssl-3.0.0~~alpha4/apps/ca.c:2431:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i += strlen(other) + 1;
data/openssl-3.0.0~~alpha4/apps/cmp.c:660:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            memmove(opt, opt + 1, strlen(opt));
data/openssl-3.0.0~~alpha4/apps/cmp.c:754:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(*infile) >= 4) {
data/openssl-3.0.0~~alpha4/apps/cmp.c:755:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            const char *extension = *infile + strlen(*infile) - 4;
data/openssl-3.0.0~~alpha4/apps/cmp.c:1083:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    strlen(OSSL_HTTP_PREFIX)) == 0) {
data/openssl-3.0.0~~alpha4/apps/cmp.c:1084:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *opt_string += strlen(OSSL_HTTP_PREFIX);
data/openssl-3.0.0~~alpha4/apps/cmp.c:1086:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           strlen(OSSL_HTTPS_PREFIX)) == 0) {
data/openssl-3.0.0~~alpha4/apps/cmp.c:1087:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *opt_string += strlen(OSSL_HTTPS_PREFIX);
data/openssl-3.0.0~~alpha4/apps/cmp.c:1349:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                              strlen(opt_srv_ref)))
data/openssl-3.0.0~~alpha4/apps/cmp.c:1360:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                strlen(pass_str));
data/openssl-3.0.0~~alpha4/apps/cmp.c:1755:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                strlen(pass_string));
data/openssl-3.0.0~~alpha4/apps/cmp.c:1765:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                 strlen(opt_ref)))
data/openssl-3.0.0~~alpha4/apps/cmp.c:2154:9:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
        strncat(id_buf, opt_infotype_s, sizeof(id_buf) - strlen(id_buf) - 1);
data/openssl-3.0.0~~alpha4/apps/cmp.c:2154:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        strncat(id_buf, opt_infotype_s, sizeof(id_buf) - strlen(id_buf) - 1);
data/openssl-3.0.0~~alpha4/apps/cmp.c:2334:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(opt_item, beg, len);
data/openssl-3.0.0~~alpha4/apps/cmp.c:2350:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const char *end = groups + strlen(groups);
data/openssl-3.0.0~~alpha4/apps/cmp.c:2906:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                const char *end = opt_section + strlen(opt_section);
data/openssl-3.0.0~~alpha4/apps/dgst.c:486:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t i, e = 0, length = strlen(file), newline_count = 0, mem_len = 0;
data/openssl-3.0.0~~alpha4/apps/enc.c:223:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            i = (int)strlen(p) - 1;
data/openssl-3.0.0~~alpha4/apps/enc.c:440:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t str_len = strlen(str);
data/openssl-3.0.0~~alpha4/apps/enc.c:670:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(in);
data/openssl-3.0.0~~alpha4/apps/engine.c:58:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(s) + 1;
data/openssl-3.0.0~~alpha4/apps/engine.c:65:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const int blen = strlen(p);
data/openssl-3.0.0~~alpha4/apps/engine.c:206:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if ((xpos > (int)strlen(indent)) &&
data/openssl-3.0.0~~alpha4/apps/engine.c:207:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    (xpos + (int)strlen(name) > line_wrap)) {
data/openssl-3.0.0~~alpha4/apps/fipsinstall.c:403:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              strlen(INSTALL_STATUS_VAL));
data/openssl-3.0.0~~alpha4/apps/lib/app_x509.c:101:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        vtmp_len = strlen(vtmp);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:500:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OPENSSL_cleanse(str, strlen(str));
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:506:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OPENSSL_clear_free(str, strlen(str));
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1261:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        j = strlen(serialfile);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1263:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        j = strlen(serialfile) + strlen(suffix) + 1;
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1263:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        j = strlen(serialfile) + strlen(suffix) + 1;
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1308:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(serialfile) + strlen(old_suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1308:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(serialfile) + strlen(old_suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1309:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen(serialfile) + strlen(new_suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1309:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen(serialfile) + strlen(new_suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1468:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen(dbfile) + strlen(suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1468:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen(dbfile) + strlen(suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1515:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(dbfile) + strlen(old_suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1515:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(dbfile) + strlen(old_suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1516:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen(dbfile) + strlen(new_suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1516:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen(dbfile) + strlen(new_suffix);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1688:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                        valstr, strlen((char *)valstr),
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:1811:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(in);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2111:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t i, flen = strlen(from) + 1, tlen = strlen(to) + 1;
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2111:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t i, flen = strlen(from) + 1, tlen = strlen(to) + 1;
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2351:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    return read(fileno_stdin(), buf, siz);
data/openssl-3.0.0~~alpha4/apps/lib/apps.c:2699:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                           stmp, vtmp, strlen(vtmp), &found))
data/openssl-3.0.0~~alpha4/apps/lib/apps_ui.c:182:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        res = strlen(buf);
data/openssl-3.0.0~~alpha4/apps/lib/columns.c:21:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((len = strlen(f->name)) > maxlen)
data/openssl-3.0.0~~alpha4/apps/lib/http_server.c:336:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(meth) == 3 && url[0] == '\0') {
data/openssl-3.0.0~~alpha4/apps/lib/http_server.c:349:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(meth) == 3) { /* GET */
data/openssl-3.0.0~~alpha4/apps/lib/http_server.c:400:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    "Out of memory allocating %zu bytes", strlen(url) + 1);
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:56:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (p = argv0 + strlen(argv0); --p > argv0;)
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:63:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(p);
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:84:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (p = argv0 + strlen(argv0); --p > argv0;)
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:91:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(prog, p, sizeof(prog) - 1);
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:105:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (p = argv0 + strlen(argv0); --p > argv0;)
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:110:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(prog, p, sizeof(prog) - 1);
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:389:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strncmp(v, b[i].prefix, strlen(b[i].prefix)) == 0) {
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:907:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p += strlen(strcpy(p, o->name));
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:912:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p += strlen(strcpy(p, valtype2param(o)));
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:938:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i = 2 + (int)strlen(o->name);
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:940:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            i += 1 + strlen(valtype2param(o));
data/openssl-3.0.0~~alpha4/apps/lib/opt.c:967:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t i, len_0 = strlen(name) + 1;
data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c:357:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    AscTimeDesc.dsc$w_length = strlen (AscTimeBuff);
data/openssl-3.0.0~~alpha4/apps/lib/vms_term_sock.c:514:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat (TerminalDeviceBuff, "\n");
data/openssl-3.0.0~~alpha4/apps/lib/win32_init.c:162:12:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    wlen = wcslen(wcmdline);
data/openssl-3.0.0~~alpha4/apps/passwd.c:346:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    passwd_len = strlen(passwd);
data/openssl-3.0.0~~alpha4/apps/passwd.c:349:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    magic_len = strlen(magic);
data/openssl-3.0.0~~alpha4/apps/passwd.c:358:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    salt_len = strlen(ascii_salt);
data/openssl-3.0.0~~alpha4/apps/passwd.c:383:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(out_buf) > 6 + 8) /* assert "$apr1$..salt.." */
data/openssl-3.0.0~~alpha4/apps/passwd.c:478:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        assert(output == out_buf + strlen(out_buf));
data/openssl-3.0.0~~alpha4/apps/passwd.c:494:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        assert(strlen(out_buf) < sizeof(out_buf));
data/openssl-3.0.0~~alpha4/apps/passwd.c:496:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ascii2ebcdic(out_buf, out_buf, strlen(out_buf));
data/openssl-3.0.0~~alpha4/apps/passwd.c:545:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    passwd_len = strlen(passwd);
data/openssl-3.0.0~~alpha4/apps/passwd.c:546:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    magic_len = strlen(magic);
data/openssl-3.0.0~~alpha4/apps/passwd.c:591:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    salt_len = strlen(ascii_salt);
data/openssl-3.0.0~~alpha4/apps/passwd.c:614:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ebcdic2ascii(tmp_buf, tmp_buf, strlen(tmp_buf));
data/openssl-3.0.0~~alpha4/apps/passwd.c:622:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(out_buf) > 3 + 17 * rounds_custom + salt_len )
data/openssl-3.0.0~~alpha4/apps/passwd.c:724:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cp = out_buf + strlen(out_buf);
data/openssl-3.0.0~~alpha4/apps/passwd.c:781:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ascii2ebcdic(out_buf, out_buf, strlen(out_buf));
data/openssl-3.0.0~~alpha4/apps/passwd.c:839:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((strlen(passwd) > pw_maxlen)) {
data/openssl-3.0.0~~alpha4/apps/passwd.c:849:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    assert(strlen(passwd) <= pw_maxlen);
data/openssl-3.0.0~~alpha4/apps/pkcs8.c:271:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p8 = PKCS8_set0_pbe(p8pass, strlen(p8pass), p8inf, pbe);
data/openssl-3.0.0~~alpha4/apps/pkcs8.c:331:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
data/openssl-3.0.0~~alpha4/apps/rehash.c:214:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strncasecmp(suffix, &filename[i], strlen(suffix)) == 0)
data/openssl-3.0.0~~alpha4/apps/rehash.c:217:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i += strlen(suffixes[type]);
data/openssl-3.0.0~~alpha4/apps/rehash.c:316:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        path += strlen(path) - 1;
data/openssl-3.0.0~~alpha4/apps/rehash.c:348:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buflen = strlen(dirname);
data/openssl-3.0.0~~alpha4/apps/req.c:1402:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(buf);
data/openssl-3.0.0~~alpha4/apps/req.c:1442:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    elen = strlen(end);
data/openssl-3.0.0~~alpha4/apps/req.c:1443:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slen = strlen(str);
data/openssl-3.0.0~~alpha4/apps/req.c:1457:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t name_len = strlen(name), tail_len = strlen(tail);
data/openssl-3.0.0~~alpha4/apps/req.c:1457:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t name_len = strlen(name), tail_len = strlen(tail);
data/openssl-3.0.0~~alpha4/apps/req.c:1496:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(gstr);
data/openssl-3.0.0~~alpha4/apps/s_client.c:219:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *idlen = strlen(psk_identity);
data/openssl-3.0.0~~alpha4/apps/s_client.c:420:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    unsigned char *ret = app_malloc(strlen(in) / 2, "hexdecode");
data/openssl-3.0.0~~alpha4/apps/s_client.c:1481:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(p);
data/openssl-3.0.0~~alpha4/apps/s_client.c:2651:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(sbuf, mbuf, 2);
data/openssl-3.0.0~~alpha4/apps/s_client.c:3392:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                        strlen(keymatexportlabel),
data/openssl-3.0.0~~alpha4/apps/s_client.c:3528:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t length = strlen(host);
data/openssl-3.0.0~~alpha4/apps/s_server.c:152:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   (int)strlen(identity), identity);
data/openssl-3.0.0~~alpha4/apps/s_server.c:201:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(psk_identity) != identity_len
data/openssl-3.0.0~~alpha4/apps/s_server.c:455:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return ebcdic_write(bp, str, strlen(str));
data/openssl-3.0.0~~alpha4/apps/s_server.c:1889:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(session_id_prefix) >= 32)
data/openssl-3.0.0~~alpha4/apps/s_server.c:1993:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strlen(session_id_prefix) >= 32)
data/openssl-3.0.0~~alpha4/apps/s_server.c:2358:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       strlen((char *)context))) {
data/openssl-3.0.0~~alpha4/apps/s_server.c:2995:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                        strlen(keymatexportlabel),
data/openssl-3.0.0~~alpha4/apps/s_server.c:3076:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       strlen((char *)context))) {
data/openssl-3.0.0~~alpha4/apps/s_server.c:3356:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                i = strlen(p);
data/openssl-3.0.0~~alpha4/apps/s_server.c:3494:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       strlen((char *)context))) {
data/openssl-3.0.0~~alpha4/apps/s_server.c:3627:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    unsigned int session_id_prefix_len = strlen(session_id_prefix);
data/openssl-3.0.0~~alpha4/apps/s_time.c:205:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buf_size = strlen(www_path) + fmt_http_get_cmd_size;
data/openssl-3.0.0~~alpha4/apps/sess_id.c:110:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t ctx_len = strlen(context);
data/openssl-3.0.0~~alpha4/apps/speed.c:2433:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(hmac_key);
data/openssl-3.0.0~~alpha4/apps/speed.c:2925:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
data/openssl-3.0.0~~alpha4/apps/speed.c:2945:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
data/openssl-3.0.0~~alpha4/apps/spkac.c:147:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            challenge, (int)strlen(challenge));
data/openssl-3.0.0~~alpha4/apps/x509.c:977:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t len = p != NULL ? (size_t)(p - CAfile) : strlen(CAfile);
data/openssl-3.0.0~~alpha4/apps/x509.c:1172:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(names);
data/openssl-3.0.0~~alpha4/crypto/LPdir_unix.c:105:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            char c = directory[strlen(directory) - 1];
data/openssl-3.0.0~~alpha4/crypto/LPdir_unix.c:123:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((*ctx)->previous_entry_name, (*ctx)->entry_name,
data/openssl-3.0.0~~alpha4/crypto/LPdir_unix.c:138:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *p = (*ctx)->entry_name + strlen((*ctx)->entry_name);
data/openssl-3.0.0~~alpha4/crypto/LPdir_vms.c:96:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t filespeclen = strlen(directory);
data/openssl-3.0.0~~alpha4/crypto/LPdir_vms.c:184:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy((*ctx)->result, r, l);
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:83:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t dirlen = strlen(directory);
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:161:21:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
                    strcpy(buf + dirlen, "*");
data/openssl-3.0.0~~alpha4/crypto/LPdir_win.c:196:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy((*ctx)->entry_name, (const char *)(*ctx)->ctx.cFileName,
data/openssl-3.0.0~~alpha4/crypto/asn1/a_gentm.c:42:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    t.length = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_mbstr.c:55:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen((const char *)in);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_object.c:65:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        num = strlen(buf);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_strex.c:347:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        outlen += strlen(tagname);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_strex.c:528:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            objlen = strlen(objbuf);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_time.c:385:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    t.length = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/asn1/a_utctm.c:39:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    t.length = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/asn1/ameth_lib.c:111:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/asn1/ameth_lib.c:133:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((int)strlen(ameth->pem_str) == len
data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_gen.c:570:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(tagstr);
data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_lib.c:289:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(data);
data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_lib.c:425:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sep_len = strlen(sep);
data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_lib.c:442:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(p, sep, sep_len + 1);
data/openssl-3.0.0~~alpha4/crypto/asn1/asn1_lib.c:445:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(p, (const char *)ASN1_STRING_get0_data(current), length);
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c:583:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    blen = strlen(bound);
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c:788:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (p = name + strlen(name) - 1; p >= name; p--) {
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c:940:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        linelen = strlen(line);
data/openssl-3.0.0~~alpha4/crypto/asn1/asn_mime.c:942:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        blen = strlen(bound);
data/openssl-3.0.0~~alpha4/crypto/asn1/bio_asn1.c:300:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return asn1_bio_write(b, str, strlen(str));
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:98:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(ap->s_un.sun_path, where, sizeof(ap->s_un.sun_path) - 1);
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:148:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(ap->s_un.sun_path);
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:486:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            pl = strlen(p);
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:509:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            pl = strlen(p);
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:512:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            hl = strlen(h);
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:515:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            pl = strlen(p);
data/openssl-3.0.0~~alpha4/crypto/bio/b_addr.c:666:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (addrinfo_wrap(family, socktype, host, strlen(host), 0, res))
data/openssl-3.0.0~~alpha4/crypto/bio/b_print.c:461:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix);
data/openssl-3.0.0~~alpha4/crypto/bio/b_sock.c:261:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            *ip_port = OPENSSL_zalloc(strlen(host) + strlen(port) + 2);
data/openssl-3.0.0~~alpha4/crypto/bio/b_sock.c:261:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            *ip_port = OPENSSL_zalloc(strlen(host) + strlen(port) + 2);
data/openssl-3.0.0~~alpha4/crypto/bio/b_sock.c:271:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(*ip_port, ":");
data/openssl-3.0.0~~alpha4/crypto/bio/bf_buff.c:467:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return buffer_write(b, str, strlen(str));
data/openssl-3.0.0~~alpha4/crypto/bio/bf_lbuf.c:318:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return linebuffer_write(b, str, strlen(str));
data/openssl-3.0.0~~alpha4/crypto/bio/bf_prefix.c:118:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                && !BIO_write_ex(BIO_next(b), ctx->prefix, strlen(ctx->prefix),
data/openssl-3.0.0~~alpha4/crypto/bio/bf_prefix.c:206:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return BIO_write(b, str, strlen(str));
data/openssl-3.0.0~~alpha4/crypto/bio/bio_cb.c:92:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        BIO_write(b, buf, strlen(buf));
data/openssl-3.0.0~~alpha4/crypto/bio/bio_local.h:183:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#  define UP_read         read
data/openssl-3.0.0~~alpha4/crypto/bio/bss_acpt.c:549:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_bio.c:605:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return bio_write(bio, str, strlen(str));
data/openssl-3.0.0~~alpha4/crypto/bio/bss_conn.c:601:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:806:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_dgram.c:1844:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_fd.c:205:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_fd.c:224:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ret = strlen(buf);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_file.c:353:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ret = strlen(buf);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_file.c:362:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_log.c:235:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_mem.c:97:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sz = (len < 0) ? strlen(buf) : (size_t)len;
data/openssl-3.0.0~~alpha4/crypto/bio/bss_mem.c:368:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_null.c:86:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(str);
data/openssl-3.0.0~~alpha4/crypto/bio/bss_sock.c:232:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_util.c:57:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strlen(OSSL_CMP_LOG_PREFIX)) == 0)
data/openssl-3.0.0~~alpha4/crypto/cmp/cmp_util.c:58:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        level += strlen(OSSL_CMP_LOG_PREFIX);
data/openssl-3.0.0~~alpha4/crypto/cms/cms_pwri.c:35:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        passlen = strlen((char *)pass);
data/openssl-3.0.0~~alpha4/crypto/conf/conf_api.c:190:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(section) + 1;
data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.c:243:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ii = i = strlen(p);
data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.c:417:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    size_t newlen = strlen(include_dir) + strlen(include) + 2;
data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.c:417:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    size_t newlen = strlen(include_dir) + strlen(include) + 2;
data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.c:586:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(from) + 1;
data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.c:697:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            newsize = strlen(p) + buf->length - (e - from);
data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.c:781:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pathlen = strlen(path);
data/openssl-3.0.0~~alpha4/crypto/conf/conf_def.c:785:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        namelen = strlen(filename);
data/openssl-3.0.0~~alpha4/crypto/conf/conf_mod.c:313:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        nchar = strlen(name);
data/openssl-3.0.0~~alpha4/crypto/conf/conf_mod.c:530:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = strlen(t) + strlen(sep) + strlen(OPENSSL_CONF) + 1;
data/openssl-3.0.0~~alpha4/crypto/conf/conf_mod.c:530:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = strlen(t) + strlen(sep) + strlen(OPENSSL_CONF) + 1;
data/openssl-3.0.0~~alpha4/crypto/conf/conf_mod.c:530:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = strlen(t) + strlen(sep) + strlen(OPENSSL_CONF) + 1;
data/openssl-3.0.0~~alpha4/crypto/conf/conf_mod.c:572:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                tmpend = lstart + strlen(lstart) - 1;
data/openssl-3.0.0~~alpha4/crypto/core_namemap.c:179:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return ossl_namemap_name2num_n(namemap, name, strlen(name));
data/openssl-3.0.0~~alpha4/crypto/core_namemap.c:254:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return ossl_namemap_add_name_n(namemap, number, name, strlen(name));
data/openssl-3.0.0~~alpha4/crypto/core_namemap.c:277:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            l = strlen(p);       /* offset to \0 */
data/openssl-3.0.0~~alpha4/crypto/core_namemap.c:302:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            l = strlen(p);       /* offset to \0 */
data/openssl-3.0.0~~alpha4/crypto/cryptlib.c:294:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t len_0 = strlen(fmta) + 1, i;
data/openssl-3.0.0~~alpha4/crypto/ct/ct_b64.c:26:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t inlen = strlen(in);
data/openssl-3.0.0~~alpha4/crypto/des/fcrypt.c:91:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ascii2ebcdic(ret, ret, strlen(ret));
data/openssl-3.0.0~~alpha4/crypto/des/str2key.c:25:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/des/str2key.c:53:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:185:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        spec2len = (filespec2 ? strlen(filespec2) : 0);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:186:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = spec2len + (filespec1 ? strlen(filespec1) : 0);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:216:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:221:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rsize += strlen(DSO_EXTENSION); /* The length of ".s?" */
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dl.c:258:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = (int)strlen(inf.filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:115:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (filename[strlen(filename) - 1] == ')')
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:236:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        spec2len = strlen(filespec2);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:237:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = spec2len + strlen(filespec1);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:260:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:265:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        rsize += strlen(DSO_EXTENSION);    /* The length of ".so" */
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:377:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buffer_sz = strlen(this_ldi->ldinfo_filename) + 1;
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:379:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((member_len = strlen(member)) > 0)
data/openssl-3.0.0~~alpha4/crypto/dso/dso_dlfcn.c:425:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = (int)strlen(dli.dli_fname);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:167:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sp2 = sp1 + strlen(sp1);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:171:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        || (sp1 - filename) + strlen(sp2) > FILENAME_MAX) {
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:182:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(p->filename, sp1, sp2 - sp1);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:185:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(p->imagename, filename, sp1 - filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:194:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p->filename_dsc.dsc$w_length = strlen(p->filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:198:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p->imagename_dsc.dsc$w_length = strlen(p->imagename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:299:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    symname_dsc.dsc$w_length = strlen(SYMNAME);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:393:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    filespec1len = strlen(filespec1);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:394:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    filespec2len = strlen(filespec2);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:450:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(merged, nam.NAMX_ESA, nam.NAMX_ESL);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_vms.c:459:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:37:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len_0 = strlen(lpLibFileName) + 1, i;
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:347:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(&result[offset], file_split->node, file_split->nodelen);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:354:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(&result[offset], file_split->device, file_split->devicelen);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:367:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(&result[offset], start, end - start);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:380:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(&result[offset], start, end - start);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:386:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(&result[offset], file_split->file, file_split->filelen);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:460:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(filename);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:580:35:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                int i, len = (int)wcslen(me32.szExePath);
data/openssl-3.0.0~~alpha4/crypto/dso/dso_win32.c:593:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                int len = (int)strlen(me32.szExePath);
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:2064:16:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
static uint8_t equal(signed char b, signed char c)
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4213:37:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    cmov(t, &k25519Precomp[pos][0], equal(babs, 1));
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4214:37:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    cmov(t, &k25519Precomp[pos][1], equal(babs, 2));
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4215:37:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    cmov(t, &k25519Precomp[pos][2], equal(babs, 3));
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4216:37:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    cmov(t, &k25519Precomp[pos][3], equal(babs, 4));
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4217:37:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    cmov(t, &k25519Precomp[pos][4], equal(babs, 5));
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4218:37:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    cmov(t, &k25519Precomp[pos][5], equal(babs, 6));
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4219:37:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    cmov(t, &k25519Precomp[pos][6], equal(babs, 7));
data/openssl-3.0.0~~alpha4/crypto/ec/curve25519.c:4220:37:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    cmov(t, &k25519Precomp[pos][7], equal(babs, 8));
data/openssl-3.0.0~~alpha4/crypto/ec/curve448/eddsa.c:83:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !EVP_DigestUpdate(hashctx, dom_s, strlen(dom_s))
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:864:13:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        u64 equal;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:878:9:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 32;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:878:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 32;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:879:9:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 16;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:879:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 16;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:880:9:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 8;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:880:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 8;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:881:9:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 4;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:881:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 4;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:882:9:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 2;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:882:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 2;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:883:9:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 1;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:883:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal &= equal << 1;
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:884:22:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        equal = 0 - (equal >> 63);
data/openssl-3.0.0~~alpha4/crypto/ec/ecp_nistp256.c:886:29:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        all_equal_so_far &= equal;
data/openssl-3.0.0~~alpha4/crypto/engine/eng_ctrl.c:108:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        return strlen(cdp->cmd_name);
data/openssl-3.0.0~~alpha4/crypto/engine/eng_ctrl.c:110:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        return strlen(strcpy(s, cdp->cmd_name));
data/openssl-3.0.0~~alpha4/crypto/engine/eng_ctrl.c:112:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        return strlen(cdp->cmd_desc == NULL ? int_no_description
data/openssl-3.0.0~~alpha4/crypto/engine/eng_ctrl.c:115:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        return strlen(strcpy(s, cdp->cmd_desc == NULL ? int_no_description
data/openssl-3.0.0~~alpha4/crypto/engine/eng_dyn.c:309:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (p && (strlen((const char *)p) < 1))
data/openssl-3.0.0~~alpha4/crypto/engine/eng_dyn.c:322:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (p && (strlen((const char *)p) < 1))
data/openssl-3.0.0~~alpha4/crypto/engine/eng_dyn.c:348:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (p == NULL || (strlen((const char *)p) < 1)) {
data/openssl-3.0.0~~alpha4/crypto/engine/tb_asnmth.c:146:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/engine/tb_asnmth.c:151:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            && ((int)strlen(ameth->pem_str) == len)
data/openssl-3.0.0~~alpha4/crypto/engine/tb_asnmth.c:176:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                && ((int)strlen(ameth->pem_str) == lk->len)
data/openssl-3.0.0~~alpha4/crypto/err/err.c:218:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                size_t l = strlen(cur);
data/openssl-3.0.0~~alpha4/crypto/err/err.c:594:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(buf) == len - 1) {
data/openssl-3.0.0~~alpha4/crypto/err/err.c:820:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    err_set_error_data_int(data, strlen(data) + 1, flags, 1);
data/openssl-3.0.0~~alpha4/crypto/err/err.c:866:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/err/err.c:872:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += strlen(arg);
data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c:44:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (cb(buf, strlen(buf), u) <= 0)
data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c:86:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        data_len = strlen(data);
data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c:90:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                || strlen(separator) >= (size_t)(MAX_DATA_LEN - data_len))
data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c:93:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            available_len = MAX_DATA_LEN - data_len - strlen(separator) - 1;
data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c:97:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            const size_t len_next = strlen(next);
data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c:111:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    next += strlen(separator);
data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c:114:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    next = curr + strlen(curr);
data/openssl-3.0.0~~alpha4/crypto/err/err_prn.c:133:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                tmp = OPENSSL_strndup(txt, next - strlen(separator) - txt);
data/openssl-3.0.0~~alpha4/crypto/evp/bio_b64.c:547:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return b64_write(b, str, strlen(str));
data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c:468:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
data/openssl-3.0.0~~alpha4/crypto/evp/bio_ok.c:506:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
data/openssl-3.0.0~~alpha4/crypto/evp/evp_fetch.c:111:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t l = (q == NULL ? strlen(names) : (size_t)(q - names));
data/openssl-3.0.0~~alpha4/crypto/evp/evp_fetch.c:152:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        l = (q == NULL ? strlen(names) : (size_t)(q - names));
data/openssl-3.0.0~~alpha4/crypto/evp/evp_key.c:29:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(prompt_string, prompt, 79);
data/openssl-3.0.0~~alpha4/crypto/evp/evp_lib.c:923:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(value);
data/openssl-3.0.0~~alpha4/crypto/evp/evp_pbe.c:109:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        passlen = strlen(pass);
data/openssl-3.0.0~~alpha4/crypto/evp/p5_crpt.c:74:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        passlen = strlen(pass);
data/openssl-3.0.0~~alpha4/crypto/evp/p5_crpt2.c:38:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        passlen = strlen(pass);
data/openssl-3.0.0~~alpha4/crypto/evp/p_lib.c:1440:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (pkey_set_type(NULL, NULL, EVP_PKEY_NONE, name, strlen(name),
data/openssl-3.0.0~~alpha4/crypto/evp/p_lib.c:1456:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define EVP_PKEY_TYPE_STRLEN (str[0] == NULL ? -1 : (int)strlen(str[0]))
data/openssl-3.0.0~~alpha4/crypto/evp/pkey_kdf.c:227:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       value, strlen(value), NULL))
data/openssl-3.0.0~~alpha4/crypto/evp/pkey_mac.c:535:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       type, value, strlen(value) + 1, NULL))
data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_lib.c:1086:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                           strlen(value), &exists)) {
data/openssl-3.0.0~~alpha4/crypto/evp/pmeth_lib.c:1134:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(str);
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:33:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define HTTP_LINE1_MINLEN ((int)strlen(HTTP_PREFIX HTTP_VERSION_PATT "x 200\n"))
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:377:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        for (end = reason + strlen(reason) - 1; ossl_isspace(*end); end--)
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:717:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(host_name, host, host_end - host + 1);
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:962:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t https_len = strlen(OSSL_HTTPS_NAME":");
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:1168:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t len = strlen(proxyuser) + 1;
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:1172:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += strlen(proxypass);
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:1182:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            OPENSSL_clear_free(proxyauthenc, strlen(proxyauthenc));
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:1221:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strncmp(mbuf, HTTP_PREFIX, strlen(HTTP_PREFIX)) != 0) {
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:1228:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        mbufp = mbuf + strlen(HTTP_PREFIX);
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:1229:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strncmp(mbufp, HTTP_VERSION_PATT, strlen(HTTP_VERSION_PATT)) != 0) {
data/openssl-3.0.0~~alpha4/crypto/http/http_client.c:1237:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strncmp(mbufp, " 2", strlen(" 2")) != 0) {
data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c:29:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t https_len = strlen(OSSL_HTTPS_NAME);
data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c:31:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!ossl_assert(https_len >= strlen(OSSL_HTTP_NAME)))
data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c:131:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sl = strlen(server);
data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c:153:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int http_len = strlen(OSSL_HTTP_PREFIX);
data/openssl-3.0.0~~alpha4/crypto/http/http_lib.c:154:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int https_len = strlen(OSSL_HTTPS_PREFIX);
data/openssl-3.0.0~~alpha4/crypto/info.c:53:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
data/openssl-3.0.0~~alpha4/crypto/info.c:54:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                     sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
data/openssl-3.0.0~~alpha4/crypto/info.c:62:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
data/openssl-3.0.0~~alpha4/crypto/info.c:63:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                     sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
data/openssl-3.0.0~~alpha4/crypto/info.c:98:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        BIO_snprintf(ossl_cpu_info_str + strlen(ossl_cpu_info_str),
data/openssl-3.0.0~~alpha4/crypto/info.c:99:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                     sizeof(ossl_cpu_info_str) - strlen(ossl_cpu_info_str),
data/openssl-3.0.0~~alpha4/crypto/info.c:200:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            return ossl_cpu_info_str + strlen(CPUINFO_PREFIX);
data/openssl-3.0.0~~alpha4/crypto/mem.c:139:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(buff);
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:42:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int sz, len_0 = (int)strlen(filename) + 1;
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:68:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            MultiByteToWideChar(CP_UTF8, 0, mode, strlen(mode) + 1,
data/openssl-3.0.0~~alpha4/crypto/o_fopen.c:90:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((newname = OPENSSL_malloc(strlen(filename) + 1)) == NULL) {
data/openssl-3.0.0~~alpha4/crypto/o_str.c:24:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ret = CRYPTO_malloc(strlen(str) + 1, file, line);
data/openssl-3.0.0~~alpha4/crypto/o_str.c:81:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return l + strlen(src);
data/openssl-3.0.0~~alpha4/crypto/o_str.c:190:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buf_n = strlen(str) >> 1;
data/openssl-3.0.0~~alpha4/crypto/o_str.c:213:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
static int buf2hexstr_sep(char *str, size_t str_n, size_t *strlen,
data/openssl-3.0.0~~alpha4/crypto/o_str.c:224:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen != NULL)
data/openssl-3.0.0~~alpha4/crypto/o_str.c:251:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
int OPENSSL_buf2hexstr_ex(char *str, size_t str_n, size_t *strlen,
data/openssl-3.0.0~~alpha4/crypto/o_str.c:254:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return buf2hexstr_sep(str, str_n, strlen, buf, buflen, DEFAULT_SEPARATOR);
data/openssl-3.0.0~~alpha4/crypto/objects/obj_dat.c:431:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            n = strlen(s);
data/openssl-3.0.0~~alpha4/crypto/objects/obj_dat.c:497:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            i = strlen(bndec);
data/openssl-3.0.0~~alpha4/crypto/objects/obj_dat.c:518:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            i = strlen(tbuf);
data/openssl-3.0.0~~alpha4/crypto/param_build.c:245:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bsize = strlen(buf) + 1;
data/openssl-3.0.0~~alpha4/crypto/param_build.c:264:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bsize = strlen(buf) + 1;
data/openssl-3.0.0~~alpha4/crypto/params.c:874:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return set_string_internal(p, val, strlen(val) + 1, OSSL_PARAM_UTF8_STRING);
data/openssl-3.0.0~~alpha4/crypto/params.c:893:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bsize = strlen(buf) + 1;
data/openssl-3.0.0~~alpha4/crypto/params.c:942:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            val == NULL ? 0 : strlen(val) + 1);
data/openssl-3.0.0~~alpha4/crypto/params_from_text.c:91:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *buf_n = strlen(value) + 1;
data/openssl-3.0.0~~alpha4/crypto/params_from_text.c:95:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            *buf_n = strlen(value) >> 1;
data/openssl-3.0.0~~alpha4/crypto/params_from_text.c:142:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(buf, value, buf_n);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_info.c:134:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((int)strlen(header) > 10) /* assume encrypted */
data/openssl-3.0.0~~alpha4/crypto/pem/pem_info.c:157:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((int)strlen(header) > 10) /* assume encrypted */
data/openssl-3.0.0~~alpha4/crypto/pem/pem_info.c:180:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if ((int)strlen(header) > 10) /* assume encrypted */
data/openssl-3.0.0~~alpha4/crypto/pem/pem_info.c:272:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                || (strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13)
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:38:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i = strlen(userdata);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:63:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(buf);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:69:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *p = buf + strlen(buf);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:86:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *p = buf + strlen(buf);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:101:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(p, "\n");
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:330:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                || (strlen(objstr) + 23 + 2 * EVP_CIPHER_iv_length(enc) + 13)
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:619:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlen = strlen(name);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:626:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(header);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:868:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            namelen = strlen(name);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:1005:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int pem_len = strlen(pem_str);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_lib.c:1006:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int suffix_len = strlen(suffix);
data/openssl-3.0.0~~alpha4/crypto/pem/pem_local.h:34:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            klen = strlen(u);                                           \
data/openssl-3.0.0~~alpha4/crypto/pem/pem_pk8.c:87:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            klen = strlen(u);
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_utl.c:23:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        asclen = strlen(asc);
data/openssl-3.0.0~~alpha4/crypto/pkcs12/p12_utl.c:82:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        asclen = strlen(asc);
data/openssl-3.0.0~~alpha4/crypto/property/defn_cache.c:104:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(prop);
data/openssl-3.0.0~~alpha4/crypto/property/property.c:542:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p = OPENSSL_malloc(sizeof(*p) + (len = strlen(prop_query)));
data/openssl-3.0.0~~alpha4/crypto/property/property_string.c:115:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t l = strlen(s);
data/openssl-3.0.0~~alpha4/crypto/provider_conf.c:51:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buffer_len = strlen(buffer);
data/openssl-3.0.0~~alpha4/crypto/provider_conf.c:57:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (buffer_len + strlen(sectconf->name) >= sizeof(buffer))
data/openssl-3.0.0~~alpha4/crypto/rand/rand_egd.c:70:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(path) >= sizeof(addr.sun_path))
data/openssl-3.0.0~~alpha4/crypto/rand/rand_egd.c:73:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = offsetof(struct sockaddr_un, sun_path) + strlen(path);
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:298:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(s);
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:304:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (len + 1 + strlen(RFILE) + 1 >= size)
data/openssl-3.0.0~~alpha4/crypto/rand/randfile.c:308:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(buf, "/");
data/openssl-3.0.0~~alpha4/crypto/s390xcap.c:673:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buff = malloc(strlen(env) + 1);
data/openssl-3.0.0~~alpha4/crypto/sm2/sm2_pmeth.c:252:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                             (int)strlen(value), (void *)value);
data/openssl-3.0.0~~alpha4/crypto/srp/srp_lib.c:163:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        || !EVP_DigestUpdate(ctxt, user, strlen(user))
data/openssl-3.0.0~~alpha4/crypto/srp/srp_lib.c:165:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        || !EVP_DigestUpdate(ctxt, pass, strlen(pass))
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:54:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = strlen(src);
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:581:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        || !EVP_DigestUpdate(ctxt, vb->seed_key, strlen(vb->seed_key))
data/openssl-3.0.0~~alpha4/crypto/srp/srp_vfy.c:582:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        || !EVP_DigestUpdate(ctxt, username, strlen(username))
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:123:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return pass == NULL ? 0 : strlen(pass);
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:247:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (!PKCS12_verify_mac(p12, pass, strlen(pass))) {
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:389:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!PKCS12_pbe_crypt(dalg, pass, strlen(pass), doct->data, doct->length,
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:1213:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(*pem_header) > 10) {
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:1323:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        uri += strlen(uri) - 1;
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:1341:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        long calculated_length = strlen(ctx->uri) + strlen(pathsep)
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:1341:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        long calculated_length = strlen(ctx->uri) + strlen(pathsep)
data/openssl-3.0.0~~alpha4/crypto/store/loader_file.c:1342:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            + strlen(name) + 1 /* \0 */;
data/openssl-3.0.0~~alpha4/crypto/store/store_lib.c:572:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    search->stringlength = strlen(alias);
data/openssl-3.0.0~~alpha4/crypto/trace.c:80:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (trace_write(channel, str, strlen(str), &written))
data/openssl-3.0.0~~alpha4/crypto/trace.c:478:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           prefix == NULL ? 0 : strlen(prefix), prefix);
data/openssl-3.0.0~~alpha4/crypto/trace.c:505:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           suffix == NULL ? 0 : strlen(suffix), suffix);
data/openssl-3.0.0~~alpha4/crypto/ts/ts_lib.c:30:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        result = result && BIO_write(bio, hex, strlen(hex)) > 0;
data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_sign.c:307:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !ASN1_STRING_set(utf8_text, text, strlen(text)))
data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_sign.c:785:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p += strlen(p);
data/openssl-3.0.0~~alpha4/crypto/ts/ts_rsp_verify.c:401:21:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                    strcat(failure_text, ",");
data/openssl-3.0.0~~alpha4/crypto/txt_db/txt_db.c:69:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        i = strlen(&(buf->data[offset]));
data/openssl-3.0.0~~alpha4/crypto/txt_db/txt_db.c:207:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                l += strlen(pp[j]);
data/openssl-3.0.0~~alpha4/crypto/ui/ui_lib.c:374:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = sizeof(prompt1) - 1 + strlen(object_desc);
data/openssl-3.0.0~~alpha4/crypto/ui/ui_lib.c:376:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len += sizeof(prompt2) - 1 + strlen(object_name);
data/openssl-3.0.0~~alpha4/crypto/ui/ui_lib.c:879:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return UI_set_result_ex(ui, uis, result, strlen(result));
data/openssl-3.0.0~~alpha4/crypto/ui/ui_openssl.c:714:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(buf);
data/openssl-3.0.0~~alpha4/crypto/x509/by_dir.c:179:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (strlen(ent->dir) == len && strncmp(ent->dir, ss, len) == 0)
data/openssl-3.0.0~~alpha4/crypto/x509/by_dir.c:259:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1;
data/openssl-3.0.0~~alpha4/crypto/x509/by_dir.c:283:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            c = ent->dir[strlen(ent->dir) - 1];
data/openssl-3.0.0~~alpha4/crypto/x509/v3_alt.c:571:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                             strlen(value))) {
data/openssl-3.0.0~~alpha4/crypto/x509/v3_conf.c:195:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((strlen(p) < 9) || strncmp(p, "critical,", 9))
data/openssl-3.0.0~~alpha4/crypto/x509/v3_conf.c:209:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((strlen(p) >= 4) && strncmp(p, "DER:", 4) == 0) {
data/openssl-3.0.0~~alpha4/crypto/x509/v3_conf.c:212:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    } else if ((strlen(p) >= 5) && strncmp(p, "ASN1:", 5) == 0) {
data/openssl-3.0.0~~alpha4/crypto/x509/v3_cpols.c:209:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen(cnf->value)))
data/openssl-3.0.0~~alpha4/crypto/x509/v3_cpols.c:317:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(value);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_cpols.c:333:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen(cnf->value)))
data/openssl-3.0.0~~alpha4/crypto/x509/v3_ia5.c:54:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!ASN1_STRING_set((ASN1_STRING *)ia5, str, strlen(str))) {
data/openssl-3.0.0~~alpha4/crypto/x509/v3_info.c:84:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        nlen = strlen(objtmp) + 3 + strlen(vtmp->name) + 1;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_info.c:84:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        nlen = strlen(objtmp) + 3 + strlen(vtmp->name) + 1;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_ist.c:60:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ASN1_STRING_set(ist->signTool, cnf->value, strlen(cnf->value));
data/openssl-3.0.0~~alpha4/crypto/x509/v3_ist.c:68:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ASN1_STRING_set(ist->cATool, cnf->value, strlen(cnf->value));
data/openssl-3.0.0~~alpha4/crypto/x509/v3_ist.c:76:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ASN1_STRING_set(ist->signToolCert, cnf->value, strlen(cnf->value));
data/openssl-3.0.0~~alpha4/crypto/x509/v3_ist.c:84:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ASN1_STRING_set(ist->cAToolCert, cnf->value, strlen(cnf->value));
data/openssl-3.0.0~~alpha4/crypto/x509/v3_ncons.c:339:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((size_t)utf8_length != strlen((char *)utf8_value)) {
data/openssl-3.0.0~~alpha4/crypto/x509/v3_ncons.c:643:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        hostlen = strlen(hostptr);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_pci.c:203:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            val_len = strlen(val->value + 5);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_prn.c:59:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(nval->value) + 1;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_prn.c:110:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(value) + 1;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_sxnet.c:152:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        userlen = strlen(user);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_sxnet.c:173:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        userlen = strlen(user);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utf8.c:60:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!ASN1_STRING_set((ASN1_STRING *)utf8, str, strlen(str))) {
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:128:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(tmp) + 3;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:397:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    q = p + strlen(p) - 1;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:417:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(cmp);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:801:73:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
static int do_check_string(const ASN1_STRING *a, int cmp_type, equal_fn equal,
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:847:14:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    equal_fn equal;
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:871:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        chklen = strlen(chk);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:890:55:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
            if ((rv = do_check_string(cstr, alt_type, equal, flags,
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:912:44:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        if ((rv = do_check_string(str, -1, equal, flags,
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:930:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        chklen = strlen(chk);
data/openssl-3.0.0~~alpha4/crypto/x509/v3_utl.c:949:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        chklen = strlen((char *)chk);
data/openssl-3.0.0~~alpha4/crypto/x509/x509_cmp.c:51:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!EVP_DigestUpdate(ctx, (unsigned char *)f, strlen(f)))
data/openssl-3.0.0~~alpha4/crypto/x509/x509_obj.c:57:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
        strncpy(buf, "NO X509_NAME", len);
data/openssl-3.0.0~~alpha4/crypto/x509/x509_obj.c:71:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        l1 = strlen(s);
data/openssl-3.0.0~~alpha4/crypto/x509/x509_vfy.c:2715:21:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    recnum = (dane->umask & mask) ? sk_danetls_record_num(dane->trecs) : 0;
data/openssl-3.0.0~~alpha4/crypto/x509/x509_vpm.c:50:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        namelen = name ? strlen(name) : 0;
data/openssl-3.0.0~~alpha4/crypto/x509/x509_vpm.c:249:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            srclen = strlen(src);
data/openssl-3.0.0~~alpha4/crypto/x509/x509name.c:330:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen((const char *)bytes);
data/openssl-3.0.0~~alpha4/crypto/x509/x509spki.c:37:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(str);
data/openssl-3.0.0~~alpha4/demos/bio/sconnect.c:80:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(p);
data/openssl-3.0.0~~alpha4/e_os.h:122:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#    define strlen(s) _strlen31(s)
data/openssl-3.0.0~~alpha4/engines/e_afalg.c:283:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        r = read(aio->efd, &eval, sizeof(eval));
data/openssl-3.0.0~~alpha4/engines/e_capi.c:1116:18:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len_0 = (int)wcslen(wstr) + 1; /* WideCharToMultiByte expects int */
data/openssl-3.0.0~~alpha4/engines/e_dasync.c:532:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(pipefds[0], &buf, 1) < 0)
data/openssl-3.0.0~~alpha4/fuzz/driver.c:41:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        size_t size = read(0, buf, BUF_SIZE);
data/openssl-3.0.0~~alpha4/fuzz/test-corpus.c:67:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t dirname_len = strlen(argv[n]);
data/openssl-3.0.0~~alpha4/include/internal/bio.h:36:60:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
int bread_conv(BIO *bio, char *data, size_t datal, size_t *read);
data/openssl-3.0.0~~alpha4/include/internal/cryptlib.h:216:5:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
    usleep(millis * 1000);
data/openssl-3.0.0~~alpha4/include/internal/dane.h:72:21:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    uint32_t        umask;      /* Usages present */
data/openssl-3.0.0~~alpha4/include/internal/dane.h:93:52:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
#define DANETLS_HAS_PKIX(dane) ((dane) && ((dane)->umask & DANETLS_PKIX_MASK))
data/openssl-3.0.0~~alpha4/include/internal/dane.h:94:52:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
#define DANETLS_HAS_DANE(dane) ((dane) && ((dane)->umask & DANETLS_DANE_MASK))
data/openssl-3.0.0~~alpha4/include/internal/dane.h:95:52:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
#define DANETLS_HAS_TA(dane)   ((dane) && ((dane)->umask & DANETLS_TA_MASK))
data/openssl-3.0.0~~alpha4/include/internal/dane.h:96:52:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
#define DANETLS_HAS_EE(dane)   ((dane) && ((dane)->umask & DANETLS_EE_MASK))
data/openssl-3.0.0~~alpha4/include/internal/dane.h:98:53:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
#define DANETLS_HAS_PKIX_TA(dane) ((dane)&&((dane)->umask & DANETLS_PKIX_TA_MASK))
data/openssl-3.0.0~~alpha4/include/internal/dane.h:99:53:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
#define DANETLS_HAS_PKIX_EE(dane) ((dane)&&((dane)->umask & DANETLS_PKIX_EE_MASK))
data/openssl-3.0.0~~alpha4/include/internal/dane.h:100:53:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
#define DANETLS_HAS_DANE_TA(dane) ((dane)&&((dane)->umask & DANETLS_DANE_TA_MASK))
data/openssl-3.0.0~~alpha4/include/internal/dane.h:101:53:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
#define DANETLS_HAS_DANE_EE(dane) ((dane)&&((dane)->umask & DANETLS_DANE_EE_MASK))
data/openssl-3.0.0~~alpha4/include/internal/sockets.h:146:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#  define readsocket(s,b,n)           read((s),(b),(n))
data/openssl-3.0.0~~alpha4/include/internal/sockets.h:151:35:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#  define readsocket(s,b,n)       read((s),(b),(n))
data/openssl-3.0.0~~alpha4/include/openssl/bio.h:818:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                      int (*read) (BIO *, char *, int));
data/openssl-3.0.0~~alpha4/include/openssl/crypto.h:118:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
int OPENSSL_buf2hexstr_ex(char *str, size_t str_n, size_t *strlen,
data/openssl-3.0.0~~alpha4/providers/fips/self_test.c:154:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                            strlen(DIGEST_NAME) + 1);
data/openssl-3.0.0~~alpha4/providers/fips/self_test.c:258:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     strlen(st->indicator_data));
data/openssl-3.0.0~~alpha4/providers/fips/self_test_kats.c:471:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                         strlen(t->mdalgorithm) + 1))
data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_unix.c:452:33:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                    while ((r = read(fd, &c, 1)) < 0 && errno == EINTR);
data/openssl-3.0.0~~alpha4/providers/implementations/rands/seeding/rand_unix.c:665:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                bytes = read(fd, buffer, bytes_needed);
data/openssl-3.0.0~~alpha4/providers/implementations/signature/rsa.c:228:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t mdname_len = strlen(mdname);
data/openssl-3.0.0~~alpha4/ssl/bio_ssl.c:417:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(str);
data/openssl-3.0.0~~alpha4/ssl/d1_srtp.c:51:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((len == strlen(p->name))
data/openssl-3.0.0~~alpha4/ssl/d1_srtp.c:82:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                               : strlen(ptr))) {
data/openssl-3.0.0~~alpha4/ssl/record/record.h:64:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    unsigned int read;
data/openssl-3.0.0~~alpha4/ssl/record/record_local.h:101:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define SSL3_RECORD_is_read(r)                  ((r)->read)
data/openssl-3.0.0~~alpha4/ssl/s3_enc.c:517:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                strlen((const char *)salt[i])) <= 0
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:3535:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen((char *)parg);
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:3931:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
data/openssl-3.0.0~~alpha4/ssl/s3_lib.c:3931:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen((const char *)parg) > 255 || strlen((const char *)parg) < 1) {
data/openssl-3.0.0~~alpha4/ssl/ssl_asn1.c:99:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ssl_session_oinit(dest, os, (const unsigned char *)data, strlen(data));
data/openssl-3.0.0~~alpha4/ssl/ssl_cert.c:737:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(dir) + strlen(filename) + 2 > sizeof(buf)) {
data/openssl-3.0.0~~alpha4/ssl/ssl_cert.c:737:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(dir) + strlen(filename) + 2 > sizeof(buf)) {
data/openssl-3.0.0~~alpha4/ssl/ssl_conf.c:764:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(*pcmd) <= cctx->prefixlen)
data/openssl-3.0.0~~alpha4/ssl/ssl_conf.c:994:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        cctx->prefixlen = strlen(tmp);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:463:11:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    dane->umask |= DANETLS_USAGE_BIT(usage);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:2755:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        n = strlen(c->name);
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:4491:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:4510:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
data/openssl-3.0.0~~alpha4/ssl/ssl_lib.c:5452:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    prefix_len = strlen(prefix);
data/openssl-3.0.0~~alpha4/ssl/ssl_rsa.c:972:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        name_len = strlen(name);
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_clnt.c:55:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       strlen(s->ext.hostname))
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_clnt.c:107:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(s->srp_ctx.login))
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_clnt.c:820:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            idlen = strlen(identity);
data/openssl-3.0.0~~alpha4/ssl/statem/extensions_srvr.c:178:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            strlen(s->session->ext.hostname));
data/openssl-3.0.0~~alpha4/ssl/statem/statem_clnt.c:2916:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    identitylen = strlen(identity);
data/openssl-3.0.0~~alpha4/ssl/statem/statem_srvr.c:2693:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        ? 0 : strlen(s->cert->psk_identity_hint);
data/openssl-3.0.0~~alpha4/ssl/tls_srp.c:333:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OPENSSL_clear_free(passwd, strlen(passwd));
data/openssl-3.0.0~~alpha4/test/asn1_time_test.c:119:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    atime.length = strlen((char*)atime.data);
data/openssl-3.0.0~~alpha4/test/asynciotest.c:284:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return async_write(bio, str, strlen(str));
data/openssl-3.0.0~~alpha4/test/bftest.c:268:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    printf("\ndata[%d]  = '%s'", (int)strlen(cbc_data) + 1, cbc_data);
data/openssl-3.0.0~~alpha4/test/bftest.c:269:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    printf("\ndata[%d]  = ", (int)strlen(cbc_data) + 1);
data/openssl-3.0.0~~alpha4/test/bftest.c:270:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (j = 0; j < strlen(cbc_data) + 1; j++)
data/openssl-3.0.0~~alpha4/test/bftest.c:280:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
data/openssl-3.0.0~~alpha4/test/bftest.c:281:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (j = 0; j < strlen(cbc_data) + 1; j++)
data/openssl-3.0.0~~alpha4/test/bftest.c:286:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
data/openssl-3.0.0~~alpha4/test/bftest.c:287:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (j = 0; j < strlen(cbc_data) + 1; j++)
data/openssl-3.0.0~~alpha4/test/bftest.c:299:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    BF_set_key(&key, strlen(bf_key[n]), (unsigned char *)bf_key[n]);
data/openssl-3.0.0~~alpha4/test/bftest.c:355:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(cbc_data) + 1;
data/openssl-3.0.0~~alpha4/test/bftest.c:368:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_mem_eq(cbc_in, len, cbc_data, strlen(cbc_data) + 1))
data/openssl-3.0.0~~alpha4/test/bftest.c:381:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(cbc_data) + 1;
data/openssl-3.0.0~~alpha4/test/bftest.c:413:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(cbc_data) + 1;
data/openssl-3.0.0~~alpha4/test/bftest.c:461:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data));
data/openssl-3.0.0~~alpha4/test/bftest.c:463:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n]));
data/openssl-3.0.0~~alpha4/test/bntest.c:107:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (parseBN(&ret, hex) != (int)strlen(hex)) {
data/openssl-3.0.0~~alpha4/test/bntest.c:2717:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_mem_eq(s, strlen(s), test->res, strlen(test->res)))
data/openssl-3.0.0~~alpha4/test/bntest.c:2717:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_mem_eq(s, strlen(s), test->res, strlen(test->res)))
data/openssl-3.0.0~~alpha4/test/bntest.c:2755:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_mem_eq(s, strlen(s), test->res, strlen(test->res)))
data/openssl-3.0.0~~alpha4/test/bntest.c:2755:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_mem_eq(s, strlen(s), test->res, strlen(test->res)))
data/openssl-3.0.0~~alpha4/test/clienthellotest.c:179:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                  strlen(dummytick))))
data/openssl-3.0.0~~alpha4/test/clienthellotest.c:221:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                           strlen(dummytick)))) {
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:126:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    msg_total_size += strlen(msg);
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:127:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    TEST_note("total=%d len=%zu msg='%s'\n", msg_total_size, strlen(msg), msg);
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:161:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        base_err_msg_size = strlen("INVALID_ARGS");
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:163:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        base_err_msg_size += strlen("NULL_ARGUMENT");
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:166:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        expected_size += strlen(" : " "data1");
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:168:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        expected_size += strlen(" : " "data2");
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:170:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        expected_size += strlen("\n" "new line");
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:176:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        base_err_msg_size = strlen("INVALID_ARGS") + strlen(" : ");
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:176:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        base_err_msg_size = strlen("INVALID_ARGS") + strlen(" : ");
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:180:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            expected_size += strlen(STR_SEP) + strlen(max_str_literal);
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:180:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            expected_size += strlen(STR_SEP) + strlen(max_str_literal);
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:182:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        expected_size += base_err_msg_size - 2 * strlen(STR_SEP);
data/openssl-3.0.0~~alpha4/test/cmp_ctx_test.c:591:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                             strlen(val));              \
data/openssl-3.0.0~~alpha4/test/cmsapitest.c:29:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    BIO *msgbio = BIO_new_mem_buf(msg, strlen(msg));
data/openssl-3.0.0~~alpha4/test/cmsapitest.c:49:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_int_eq(BIO_gets(outmsgbio, buf, sizeof(buf)), strlen(msg))
data/openssl-3.0.0~~alpha4/test/danetest.c:163:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(buf);
data/openssl-3.0.0~~alpha4/test/danetest.c:190:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_ptr(ret = OPENSSL_malloc(strlen(in) / 2)))
data/openssl-3.0.0~~alpha4/test/destest.c:367:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t cbc_data_len = strlen((char *)cbc_data);
data/openssl-3.0.0~~alpha4/test/destest.c:391:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t n = strlen((char *)cbc_data) + 1;
data/openssl-3.0.0~~alpha4/test/destest.c:414:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t i = strlen((char *)cbc_data) + 1;
data/openssl-3.0.0~~alpha4/test/destest.c:445:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t n = strlen(i + (char *)cbc_data) + 1;
data/openssl-3.0.0~~alpha4/test/destest.c:460:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t n = strlen((char *)cbc_data) + 1;
data/openssl-3.0.0~~alpha4/test/destest.c:491:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int n = strlen((char *)cbc_data) + 1;
data/openssl-3.0.0~~alpha4/test/destest.c:674:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks,
data/openssl-3.0.0~~alpha4/test/destest.c:686:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                        (long)strlen((char *)cbc_data), 2,
data/openssl-3.0.0~~alpha4/test/errtest.c:56:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        || !TEST_strn_eq(expected, p, strlen(expected)))
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:872:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:890:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                          strlen(id)), 0))
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:898:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1088:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        inlen = strlen(keys[tst].pub);
data/openssl-3.0.0~~alpha4/test/evp_extra_test.c:1104:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        inlen = strlen(keys[tst].priv);
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:449:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OSSL_KDF_PARAM_DIGEST, digest, strlen(digest) + 1);
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:451:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OSSL_KDF_PARAM_MAC, mac, strlen(mac) + 1);
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:455:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OSSL_KDF_PARAM_SALT, label, strlen(label));
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:457:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OSSL_KDF_PARAM_INFO, prf_input, strlen(prf_input));
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:494:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OSSL_KDF_PARAM_DIGEST, digest, strlen(digest) + 1);
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:496:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OSSL_KDF_PARAM_MAC, mac, strlen(mac) + 1);
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:500:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OSSL_KDF_PARAM_SALT, label, strlen(label));
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:502:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        OSSL_KDF_PARAM_INFO, prf_input, strlen(prf_input));
data/openssl-3.0.0~~alpha4/test/evp_kdf_test.c:723:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                            strlen(cek_alg) + 1);
data/openssl-3.0.0~~alpha4/test/evp_test.c:302:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t vlen = strlen(++value);
data/openssl-3.0.0~~alpha4/test/evp_test.c:1010:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t sz = strlen(alg);
data/openssl-3.0.0~~alpha4/test/evp_test.c:1315:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                              strlen(tmpval), NULL)) {
data/openssl-3.0.0~~alpha4/test/evp_test.c:2420:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                       p != NULL ? strlen(p) : 0, NULL);
data/openssl-3.0.0~~alpha4/test/fatalerrtest.c:72:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_int_le(SSL_write(sssl, msg, strlen(msg)), 0))
data/openssl-3.0.0~~alpha4/test/filterprov.c:176:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        namelen = strlen(name);
data/openssl-3.0.0~~alpha4/test/handshake_helper.c:191:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (len == strlen("server2") && strncmp(servername, "server2", len) == 0) {
data/openssl-3.0.0~~alpha4/test/handshake_helper.c:204:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    } else if (len == strlen("server1") &&
data/openssl-3.0.0~~alpha4/test/handshake_helper.c:345:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(protos);
data/openssl-3.0.0~~alpha4/test/handshake_helper.c:476:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return SSL_SESSION_set1_ticket_appdata(ss, app_data, strlen(app_data));
data/openssl-3.0.0~~alpha4/test/handshake_helper.c:1705:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ret->cipher = dup_str((const unsigned char*)cipher, strlen(cipher));
data/openssl-3.0.0~~alpha4/test/http_test.c:67:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(rpath);
data/openssl-3.0.0~~alpha4/test/http_test.c:71:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen("HTTP/1.");
data/openssl-3.0.0~~alpha4/test/mdc2_internal_test.c:61:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strlen(testdata.input));
data/openssl-3.0.0~~alpha4/test/mdc2test.c:53:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t tlen = strlen(text), i = 0;
data/openssl-3.0.0~~alpha4/test/ossl_shim/test_config.cc:166:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      std::unique_ptr<uint8_t[]> decoded(new uint8_t[strlen(argv[i])]);
data/openssl-3.0.0~~alpha4/test/ossl_shim/test_config.cc:169:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                strlen(argv[i]));
data/openssl-3.0.0~~alpha4/test/p_test.c:94:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            p->return_size = buf_l = strlen(buf) + 1;
data/openssl-3.0.0~~alpha4/test/packettest.c:254:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(strlen(data), 10)
data/openssl-3.0.0~~alpha4/test/packettest.c:258:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(strlen(data), 5)
data/openssl-3.0.0~~alpha4/test/params_test.c:145:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(obj->p5, params->data, params->data_size);
data/openssl-3.0.0~~alpha4/test/params_test.c:146:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            obj->p5_l = strlen(obj->p5) + 1;
data/openssl-3.0.0~~alpha4/test/params_test.c:174:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t bytes = strlen(obj->p4) + 1;
data/openssl-3.0.0~~alpha4/test/params_test.c:181:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t bytes = strlen(obj->p5) + 1;
data/openssl-3.0.0~~alpha4/test/params_test.c:194:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t bytes = strlen(obj->p6) + 1;
data/openssl-3.0.0~~alpha4/test/params_test.c:232:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        obj->p5_l = strlen(obj->p5) + 1;
data/openssl-3.0.0~~alpha4/test/params_test.c:237:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        obj->p6_l = strlen(obj->p6) + 1;
data/openssl-3.0.0~~alpha4/test/pemtest.c:48:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_int_eq(memcmp(pemtype, name, strlen(pemtype)), 0)
data/openssl-3.0.0~~alpha4/test/pemtest.c:49:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        || !TEST_int_eq(len, strlen(raw))
data/openssl-3.0.0~~alpha4/test/pemtest.c:50:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        || !TEST_int_eq(memcmp(data, raw, strlen(raw)), 0))
data/openssl-3.0.0~~alpha4/test/shlibloadtest.c:58:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (filename[strlen(filename) - 1] == ')')
data/openssl-3.0.0~~alpha4/test/sm2_internal_test.c:67:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fake_rand_size = strlen(hex_bytes) / 2;
data/openssl-3.0.0~~alpha4/test/sm2_internal_test.c:149:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t msg_len = strlen(message);
data/openssl-3.0.0~~alpha4/test/sm2_internal_test.c:275:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t msg_len = strlen(message);
data/openssl-3.0.0~~alpha4/test/sm2_internal_test.c:302:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sig = sm2_do_sign(key, EVP_sm3(), (const uint8_t *)userid, strlen(userid),
data/openssl-3.0.0~~alpha4/test/sm2_internal_test.c:319:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       strlen(userid), (const uint8_t *)message, msg_len);
data/openssl-3.0.0~~alpha4/test/ssl_test.c:204:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        result_len = strlen(result->result_session_ticket_app_data);
data/openssl-3.0.0~~alpha4/test/ssl_test.c:206:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        expected_len = strlen(test_ctx->expected_session_ticket_app_data);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:148:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int line_length = strlen(line);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:164:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int line_length = strlen(line);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:228:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (!TEST_size_t_eq(strlen(token), 16))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:251:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (!TEST_size_t_eq(strlen(token), 64))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:265:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (!TEST_false(compare_hex_encoded_buffer(token, strlen(token),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:306:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (!TEST_size_t_eq(strlen(token), 64))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:2981:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *idlen = strlen(pskid);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:2996:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(pskid) + 1 > max_id_len)
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3010:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(id, pskid, max_id_len);
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3029:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(srvid) != identity_len
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3223:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3225:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3229:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(MSG1, readbytes, buf, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3238:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(serverssl, MSG2, strlen(MSG2),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3240:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG2))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3242:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3246:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(clientssl, MSG3, strlen(MSG3),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3248:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG3)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3255:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG3, strlen(MSG3)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3259:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(serverssl, MSG4, strlen(MSG4),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3261:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG4))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3263:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG4, strlen(MSG4)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3270:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_ex(clientssl, MSG5, strlen(MSG5), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3271:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG5))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3305:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(serverssl, MSG6, strlen(MSG6),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3307:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG6)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3318:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(readbytes, strlen(MSG5)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3322:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_false(SSL_write_early_data(clientssl, MSG6, strlen(MSG6),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3334:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG6, strlen(MSG6)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3348:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_ex(serverssl, MSG7, strlen(MSG7), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3349:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG7))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3351:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG7, strlen(MSG7)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3370:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3372:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3376:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3384:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_false(SSL_write_early_data(clientssl, MSG6, strlen(MSG6),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3395:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_ex(clientssl, MSG5, strlen(MSG5), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3396:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG5))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3398:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(readbytes, strlen(MSG5)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3499:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3501:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG1)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3520:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                || !TEST_mem_eq(MSG1, strlen(MSG1), buf, readbytes)
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3617:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3619:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG1)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3642:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (!TEST_false(SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3661:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (!TEST_false(SSL_write_ex(clientssl, MSG2, strlen(MSG2),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3698:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3699:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG2))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3703:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3776:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_false(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3791:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3792:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3794:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3795:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !SSL_write_ex(serverssl, MSG2, strlen(MSG2), &written)
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3796:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG2)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3800:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3831:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (protlen == strlen(servalpn)
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3983:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (!TEST_false(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3989:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:3996:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    && !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4083:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4090:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4098:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4099:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG2)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4103:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4141:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4159:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4160:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG2)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4164:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4202:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_false(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4219:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_false(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4229:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_true(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4230:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4234:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4235:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_true(SSL_write_ex(serverssl, MSG2, strlen(MSG2), &written))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4236:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(written, strlen(MSG2))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4238:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:4737:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 strlen(negotiated_scipher)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5782:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (!TEST_int_eq(SSL_write(clientssl, mess, strlen(mess)), strlen(mess))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5782:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (!TEST_int_eq(SSL_write(clientssl, mess, strlen(mess)), strlen(mess))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5784:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                         strlen(mess)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5787:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (!TEST_int_eq(SSL_write(serverssl, mess, strlen(mess)), strlen(mess))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5787:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (!TEST_int_eq(SSL_write(serverssl, mess, strlen(mess)), strlen(mess))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5789:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                         strlen(mess)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5850:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), -1)
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5867:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5867:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5868:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5872:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5872:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:5873:69:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6529:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1),
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6531:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                || !TEST_size_t_eq(written, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6535:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                || !TEST_mem_eq(MSG1, readbytes, buf, strlen(MSG1))
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6832:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                           strlen(appdata));
data/openssl-3.0.0~~alpha4/test/sslapitest.c:6855:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            || !TEST_size_t_eq(tickdlen, strlen(appdata))
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:280:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(in);
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:284:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    out = OPENSSL_malloc(strlen(in) + 1);
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:365:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        (client_proto_len != strlen(alpn_expected) ||
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:478:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *outlen = strlen(custom_ext_cli_string);
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:496:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *outlen = strlen(custom_ext_cli_string);
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:518:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *outlen = strlen(custom_ext_cli_string);
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:528:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (inlen != strlen(custom_ext_srv_string))
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:564:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (inlen != strlen(custom_ext_cli_string))
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:585:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (inlen != strlen(custom_ext_cli_string))
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:608:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (inlen != strlen(custom_ext_cli_string))
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:620:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *outlen = strlen(custom_ext_srv_string);
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:1017:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
data/openssl-3.0.0~~alpha4/test/ssltest_old.c:1049:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            i = strlen(argv[0]);
data/openssl-3.0.0~~alpha4/test/ssltestlib.c:247:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return tls_dump_write(bio, str, strlen(str));
data/openssl-3.0.0~~alpha4/test/ssltestlib.c:590:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return mempacket_test_write(bio, str, strlen(str));
data/openssl-3.0.0~~alpha4/test/ssltestlib.c:931:36:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                               int read)
data/openssl-3.0.0~~alpha4/test/ssltestlib.c:973:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if (isdtls && read) {
data/openssl-3.0.0~~alpha4/test/ssltestlib.h:22:36:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                               int read);
data/openssl-3.0.0~~alpha4/test/test_test.c:309:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return TEST(0, TEST_mem_eq(p, strlen(p), q, strlen(q)));
data/openssl-3.0.0~~alpha4/test/test_test.c:309:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return TEST(0, TEST_mem_eq(p, strlen(p), q, strlen(q)));
data/openssl-3.0.0~~alpha4/test/test_test.c:398:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           & TEST(0, TEST_mem_eq(r, strlen(r), s, strlen(s)));
data/openssl-3.0.0~~alpha4/test/test_test.c:398:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           & TEST(0, TEST_mem_eq(r, strlen(r), s, strlen(s)));
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:397:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len += strlen(list[i]);
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:406:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p += strlen(strcpy(p, list[i]));
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:418:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(dir) + strlen(sep) + strlen(file) + 1;
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:418:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(dir) + strlen(sep) + strlen(file) + 1;
data/openssl-3.0.0~~alpha4/test/testutil/driver.c:418:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(dir) + strlen(sep) + strlen(file) + 1;
data/openssl-3.0.0~~alpha4/test/testutil/format_output.c:256:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strcpy(p - strlen(r), r);
data/openssl-3.0.0~~alpha4/test/testutil/stanza.c:78:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (q = p + strlen(p) - 1; q != p && isspace((unsigned char)*q); )
data/openssl-3.0.0~~alpha4/test/testutil/tests.c:283:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 s1, s1 == NULL ? 0 : strlen(s1),
data/openssl-3.0.0~~alpha4/test/testutil/tests.c:284:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 s2, s2 == NULL ? 0 : strlen(s2));
data/openssl-3.0.0~~alpha4/test/testutil/tests.c:297:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 s1, s1 == NULL ? 0 : strlen(s1),
data/openssl-3.0.0~~alpha4/test/testutil/tests.c:298:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 s2, s2 == NULL ? 0 : strlen(s2));
data/openssl-3.0.0~~alpha4/test/time_offset_test.c:75:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    at.length = strlen(testdata->data);
data/openssl-3.0.0~~alpha4/test/tls13ccstest.c:240:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return watchccs_write(bio, str, strlen(str));
data/openssl-3.0.0~~alpha4/test/tls13ccstest.c:346:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                || !TEST_true(SSL_write_early_data(cssl, msg, strlen(msg),
data/openssl-3.0.0~~alpha4/test/tls13encryptiontest.c:210:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        totlen += strlen(str[outer]);
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:324:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(client_hts_label), client_hts,
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:339:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(server_hts_label), server_hts,
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:373:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(client_ats_label), client_ats,
data/openssl-3.0.0~~alpha4/test/tls13secretstest.c:388:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               strlen(server_ats_label), server_ats,
data/openssl-3.0.0~~alpha4/test/uitest.c:24:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(buf);
data/openssl-3.0.0~~alpha4/test/v3nametest.c:293:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t namelen = strlen(*pname);
data/openssl-3.0.0~~alpha4/test/verify_extra_test.c:205:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               (int)strlen(distid))) {
data/openssl-3.0.0~~alpha4/test/verify_extra_test.c:245:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               (int)strlen(distid))) {
data/openssl-3.0.0~~alpha4/test/x509_time_test.c:264:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    t.length = strlen(x509_cmp_tests[idx].data);
data/openssl-3.0.0~~alpha4/test/x509_time_test.c:527:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        || !TEST_int_eq(rv, (int)strlen(readable))

ANALYSIS SUMMARY:

Hits = 3842
Lines analyzed = 591425 in approximately 15.81 seconds (37408 lines/second)
Physical Source Lines of Code (SLOC) = 458304
Hits@level = [0] 599 [1] 749 [2] 2930 [3]  41 [4] 117 [5]   5
Hits@level+ = [0+] 4441 [1+] 3842 [2+] 3093 [3+] 163 [4+] 122 [5+]   5
Hits/KSLOC@level+ = [0+] 9.69007 [1+] 8.38308 [2+] 6.7488 [3+] 0.355659 [4+] 0.266199 [5+] 0.0109098
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.