Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress_block.c
Examining data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c
Examining data/python-zstd-1.4.5.1/zstd/lib/decompress/huf_decompress.c
Examining data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_ddict.h
Examining data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_ddict.c
Examining data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress_internal.h
Examining data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress_block.h
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_legacy.h
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.h
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.h
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.h
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.h
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v01.h
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.h
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.h
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v01.c
Examining data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/hist.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstdmt_compress.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_fast.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_opt.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_sequences.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/huf_compress.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_double_fast.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_literals.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_fast.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/fse_compress.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_superblock.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_double_fast.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_sequences.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_literals.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_ldm.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstdmt_compress.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_cwksp.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_lazy.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_opt.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_internal.h
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_ldm.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/hist.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_lazy.c
Examining data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_superblock.c
Examining data/python-zstd-1.4.5.1/zstd/lib/zstd.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/threading.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/entropy_common.c
Examining data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/huf.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/cpu.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/threading.c
Examining data/python-zstd-1.4.5.1/zstd/lib/common/pool.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/compiler.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/bitstream.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/fse_decompress.c
Examining data/python-zstd-1.4.5.1/zstd/lib/common/debug.c
Examining data/python-zstd-1.4.5.1/zstd/lib/common/error_private.c
Examining data/python-zstd-1.4.5.1/zstd/lib/common/fse.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/zstd_errors.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/zstd_common.c
Examining data/python-zstd-1.4.5.1/zstd/lib/common/error_private.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/mem.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/zstd_internal.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/debug.h
Examining data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.c
Examining data/python-zstd-1.4.5.1/zstd/lib/common/pool.c
Examining data/python-zstd-1.4.5.1/src/util.h
Examining data/python-zstd-1.4.5.1/src/python-zstd.h
Examining data/python-zstd-1.4.5.1/src/python-zstd.c
Examining data/python-zstd-1.4.5.1/src/util.c

FINAL RESULTS:

data/python-zstd-1.4.5.1/src/util.h:63:13: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
#define chmod _chmod

data/python-zstd-1.4.5.1/zstd/lib/common/debug.h:97:21: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
fprintf(stderr, __VA_ARGS__); \

data/python-zstd-1.4.5.1/zstd/lib/common/debug.h:101:21: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
fprintf(stderr, __FILE__ ": " __VA_ARGS__); \

data/python-zstd-1.4.5.1/zstd/lib/common/threading.h:51:52: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
#define ZSTD_pthread_mutex_init(a, b) ((void)(b), InitializeCriticalSection((a)), 0)

data/python-zstd-1.4.5.1/zstd/lib/common/threading.h:53:40: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
#define ZSTD_pthread_mutex_lock(a) EnterCriticalSection((a))

data/python-zstd-1.4.5.1/src/util.c:154:31: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
{ FILE* const cpuinfo = fopen("/proc/cpuinfo", "r");

data/python-zstd-1.4.5.1/src/util.c:156:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[BUF_SIZE];

data/python-zstd-1.4.5.1/src/util.c:178:32: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
siblings = atoi(sep + 1);

data/python-zstd-1.4.5.1/src/util.c:187:33: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
cpu_cores = atoi(sep + 1);

data/python-zstd-1.4.5.1/zstd/lib/common/entropy_common.c:57:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buffer[4];

data/python-zstd-1.4.5.1/zstd/lib/common/entropy_common.c:59:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(buffer, headerBuffer, hbSize);

data/python-zstd-1.4.5.1/zstd/lib/common/fse_decompress.c:98:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dt, &DTableH, sizeof(DTableH));

data/python-zstd-1.4.5.1/zstd/lib/common/mem.h:259:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/common/mem.h:264:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/common/mem.h:269:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/common/pool.c:209:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(threadPool, ctx->threads, ctx->threadCapacity * sizeof(*threadPool));

data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.c:87:76: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void* XXH_memcpy(void* dest, const void* src, size_t size) { return memcpy(dest,src,size); }

data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.c:310:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstState, srcState, sizeof(*dstState));

data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.c:315:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstState, srcState, sizeof(*dstState));

data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.c:562:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(statePtr, &state, sizeof(state));

data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.c:575:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(statePtr, &state, sizeof(state));

data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.c:846:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, &hash, sizeof(*dst));

data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.c:853:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, &hash, sizeof(*dst));

data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.h:226:27: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
typedef struct { unsigned char digest[4]; } XXH32_canonical_t;

data/python-zstd-1.4.5.1/zstd/lib/common/xxhash.h:227:27: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
typedef struct { unsigned char digest[8]; } XXH64_canonical_t;

data/python-zstd-1.4.5.1/zstd/lib/common/zstd_internal.h:234:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, 8);

data/python-zstd-1.4.5.1/zstd/lib/common/zstd_internal.h:243:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, 16);

data/python-zstd-1.4.5.1/zstd/lib/common/zstd_internal.h:308:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, length);

data/python-zstd-1.4.5.1/zstd/lib/compress/huf_compress.c:719:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(oldHufTable, table->CTable, sizeof(table->CTable)); /* Save new table */

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:908:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dictBuffer, dict, dictSize);

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:1673:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(cctx->blockState.prevCBlock, &cdict->cBlockState, sizeof(cdict->cBlockState));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:1706:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(cctx->blockState.matchState.hashTable,

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:1709:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(cctx->blockState.matchState.chainTable,

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:1734:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(cctx->blockState.prevCBlock, &cdict->cBlockState, sizeof(cdict->cBlockState));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:1778:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&dstCCtx->customMem, &srcCCtx->customMem, sizeof(ZSTD_customMem));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:1800:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstCCtx->blockState.matchState.hashTable,

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:1803:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstCCtx->blockState.matchState.chainTable,

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:1806:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstCCtx->blockState.matchState.hashTable3,

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:1824:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstCCtx->blockState.prevCBlock, srcCCtx->blockState.prevCBlock, sizeof(*srcCCtx->blockState.prevCBlock));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:2026:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&nextEntropy->fse, &prevEntropy->fse, sizeof(prevEntropy->fse));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:2229:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(seqStorePtr->lit, anchor, lastLLSize);

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress.c:3367:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(internalBuffer, dictBuffer, dictSize);

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_internal.h:375:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy((BYTE*)dst + ZSTD_blockHeaderSize, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_literals.c:38:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ostart + flSize, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_literals.c:89:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(nextHuf, prevHuf, sizeof(*prevHuf));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_literals.c:121:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(nextHuf, prevHuf, sizeof(*prevHuf));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_literals.c:125:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(nextHuf, prevHuf, sizeof(*prevHuf));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_sequences.c:242:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(nextCTable, prevCTable, prevCTableSize);

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_superblock.c:82:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(nextHuf, prevHuf, sizeof(*prevHuf));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_superblock.c:140:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(nextHuf, prevHuf, sizeof(*prevHuf));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_superblock.c:147:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(nextHuf, prevHuf, sizeof(*prevHuf));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_superblock.c:351:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, hufMetadata->hufDesBuffer, hufMetadata->hufDesSize);

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_superblock.c:477:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, fseMetadata->fseTablesBuffer, fseMetadata->fseTablesSize);

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_superblock.c:793:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&nextCBlock->entropy.huf, &prevCBlock->entropy.huf, sizeof(prevCBlock->entropy.huf));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_compress_superblock.c:816:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(nextCBlock->rep, &rep, sizeof(rep));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_opt.c:928:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(opt[cur].rep, &newReps, sizeof(repcodes_t));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_opt.c:930:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(opt[cur].rep, opt[cur - 1].rep, sizeof(repcodes_t));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_opt.c:1013:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(rep, &reps, sizeof(reps));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstd_opt.c:1015:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(rep, opt[cur].rep, sizeof(repcodes_t));

data/python-zstd-1.4.5.1/zstd/lib/compress/zstdmt_compress.c:238:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(newBuffer.start, buffer.start, buffer.capacity);

data/python-zstd-1.4.5.1/zstd/lib/compress/zstdmt_compress.c:1743:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy((char*)output->dst + output->pos,

data/python-zstd-1.4.5.1/zstd/lib/compress/zstdmt_compress.c:2075:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy((char*)mtctx->inBuff.buffer.start + mtctx->inBuff.filled, (const char*)input->src + input->pos, syncPoint.toLoad);

data/python-zstd-1.4.5.1/zstd/lib/decompress/huf_decompress.c:148:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(DTable, &dtd, sizeof(dtd));

data/python-zstd-1.4.5.1/zstd/lib/decompress/huf_decompress.c:647:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(DTable, &dtd, sizeof(dtd));

data/python-zstd-1.4.5.1/zstd/lib/decompress/huf_decompress.c:663:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 2);

data/python-zstd-1.4.5.1/zstd/lib/decompress/huf_decompress.c:672:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 1);

data/python-zstd-1.4.5.1/zstd/lib/decompress/huf_decompress.c:1065:32: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/decompress/huf_decompress.c:1088:32: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/decompress/huf_decompress.c:1148:32: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_ddict.c:134:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(internalBuffer, dict, dictSize);

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_ddict.c:201:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ddict+1, dict, dictSize); /* local copy */

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c:182:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstDCtx, srcDCtx, toCopy); /* no need to copy workspace */

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c:587:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(dst, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c:902:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c:909:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c:916:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer + (dctx->headerSize - srcSize), src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c:1022:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer + (ZSTD_SKIPPABLEHEADERSIZE - srcSize), src, srcSize); /* complete skippable header */

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c:1173:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->entropy.rep, repStartValue, sizeof(repStartValue)); /* initial repcodes */

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c:1666:29: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(zds->headerBuffer + zds->lhSize, ip, remainingInput);

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress.c:1673:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(zds->headerBuffer + zds->lhSize, ip, toLoad); zds->lhSize = hSize; ip += toLoad;

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress_block.c:47:54: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTD_copy4(void* dst, const void* src) { memcpy(dst, src, 4); }

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress_block.c:194:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->litBuffer, istart+lhSize, litSize);

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress_block.c:399:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dt, &DTableH, sizeof(DTableH));

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress_block.c:1107:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, litPtr, lastLLSize);

data/python-zstd-1.4.5.1/zstd/lib/decompress/zstd_decompress_block.c:1212:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, litPtr, lastLLSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v01.c:1361:56: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTD_copy4(void* dst, const void* src) { memcpy(dst, src, 4); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v01.c:1363:56: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
static void ZSTD_copy8(void* dst, const void* src) { memcpy(dst, src, 8); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v01.c:1487:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v01.c:1797:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(saved, endMatch, qutt);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v01.c:1827:26: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (overlapRisk) memcpy(endMatch, saved, qutt);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:189:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:1158:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dt, &DTableH, sizeof(DTableH)); /* memcpy(), to avoid strict aliasing warnings */

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2017:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 2);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2025:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 1);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2364:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, ds+val, sizeof(HUF_DSeqX6));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2376:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, ds+val, length);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2380:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, ds+val, maxL);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2589:32: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2745:56: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTD_copy4(void* dst, const void* src) { memcpy(dst, src, 4); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2747:56: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTD_copy8(void* dst, const void* src) { memcpy(dst, src, 8); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2840:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v02.c:2896:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->litBuffer, istart, litSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c:190:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c:1159:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dt, &DTableH, sizeof(DTableH));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c:2014:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 2);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c:2022:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 1);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c:2229:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c:2386:56: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTD_copy4(void* dst, const void* src) { memcpy(dst, src, 4); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c:2388:56: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
static void ZSTD_copy8(void* dst, const void* src) { memcpy(dst, src, 8); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c:2481:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v03.c:2537:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->litBuffer, istart, litSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:161:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:389:54: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTD_copy8(void* dst, const void* src) { memcpy(dst, src, 8); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:1136:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dt, &DTableH, sizeof(DTableH));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:2164:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 2);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:2172:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 1);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:2376:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:2476:54: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTD_copy4(void* dst, const void* src) { memcpy(dst, src, 4); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:2607:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:2662:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->litBuffer, istart, litSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:3014:35: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (op != litPtr) memcpy(op, litPtr, lastLLSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:3210:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ctx->headerBuffer, src, ZSTD_frameHeaderSize_min);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:3367:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char headerBuffer[ZSTD_frameHeaderSize_max];

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:3415:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, length);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:3448:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(zbc->headerBuffer+zbc->hPos, src, *srcSizePtr);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v04.c:3494:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(zbc->inBuff, zbc->headerBuffer, zbc->hPos);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:184:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:189:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:194:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:502:57: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTDv05_copy8(void* dst, const void* src) { memcpy(dst, src, 8); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:1262:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dt, &DTableH, sizeof(DTableH));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:2278:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 2);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:2286:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 1);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:2621:57: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTDv05_copy4(void* dst, const void* src) { memcpy(dst, src, 4); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:2697:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstDCtx, srcDCtx,

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:2855:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:2956:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->litBuffer, istart+lhSize, litSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:3366:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op, litPtr, lastLLSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:3597:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer, src, ZSTDv05_frameHeaderSize_min);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:3797:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, length);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:3845:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char headerBuffer[ZSTDv05_frameHeaderSize_max];

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:3910:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(zbc->headerBuffer+zbc->hPos, src, *srcSizePtr);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v05.c:3957:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(zbc->inBuff, zbc->headerBuffer, zbc->hPos);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:182:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:537:57: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTDv06_copy8(void* dst, const void* src) { memcpy(dst, src, 8); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:1486:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dt, &DTableH, sizeof(DTableH));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:2407:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 2);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:2415:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 1);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:2653:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:2795:57: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTDv06_copy4(void* dst, const void* src) { memcpy(dst, src, 4); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:2858:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstDCtx, srcDCtx,

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:3047:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:3144:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->litBuffer, istart+lhSize, litSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:3505:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, litPtr, lastLLSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:3738:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer, src, ZSTDv06_frameHeaderSize_min);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:3748:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer + ZSTDv06_frameHeaderSize_min, src, dctx->expected);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:4006:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, length);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:4038:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(zbd->headerBuffer + zbd->lhSize, ip, iend-ip);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v06.c:4043:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(zbd->headerBuffer + zbd->lhSize, ip, toLoad); zbd->lhSize = hSize; ip += toLoad;

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:342:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(memPtr, &value, sizeof(value));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:1506:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dt, &DTableH, sizeof(DTableH));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:1797:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(DTable, &dtd, sizeof(dtd));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:2210:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(DTable, &dtd, sizeof(dtd));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:2218:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 2);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:2226:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, dt+val, 1);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:2526:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:2542:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:2568:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
if (cSrcSize == dstSize) { memcpy(dst, cSrc, dstSize); return dstSize; } /* not compressed */

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:2771:57: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTDv07_copy8(void* dst, const void* src) { memcpy(dst, src, 8); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:2919:57: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
static void ZSTDv07_copy4(void* dst, const void* src) { memcpy(dst, src, 4); }

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:2989:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&dctx->customMem, &customMem, sizeof(ZSTDv07_customMem));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:3008:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dstDCtx, srcDCtx,

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:3276:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, srcSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:3374:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->litBuffer, istart+lhSize, litSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:3720:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(op, litPtr, lastLLSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:3996:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer, src, ZSTDv07_frameHeaderSize_min);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:4003:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer, src, ZSTDv07_frameHeaderSize_min);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:4013:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dctx->headerBuffer + ZSTDv07_frameHeaderSize_min, src, dctx->expected);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:4068:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
{ memcpy(dctx->headerBuffer + ZSTDv07_frameHeaderSize_min, src, dctx->expected);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:4205:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dictContent, dict, dictSize);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:4350:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&zbd->customMem, &customMem, sizeof(ZSTDv07_customMem));

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:4388:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(dst, src, length);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:4420:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(zbd->headerBuffer + zbd->lhSize, ip, iend-ip);

data/python-zstd-1.4.5.1/zstd/lib/legacy/zstd_v07.c:4425:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(zbd->headerBuffer + zbd->lhSize, ip, toLoad); zbd->lhSize = hSize; ip += toLoad;

data/python-zstd-1.4.5.1/zstd/lib/compress/fse_compress.c:489:9: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
getchar();

ANALYSIS SUMMARY:

Hits = 185
Lines analyzed = 56108 in approximately 1.63 seconds (34428 lines/second)
Physical Source Lines of Code (SLOC) = 36339
Hits@level = [0] 3 [1] 1 [2] 179 [3] 2 [4] 2 [5] 1
Hits@level+ = [0+] 188 [1+] 185 [2+] 184 [3+] 5 [4+] 3 [5+] 1
Hits/KSLOC@level+ = [0+] 5.17351 [1+] 5.09095 [2+] 5.06343 [3+] 0.137593 [4+] 0.0825559 [5+] 0.0275186
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.