Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/rng-tools5-5/contrib/randstat.c
Examining data/rng-tools5-5/contrib/rngtest.c
Examining data/rng-tools5-5/exits.h
Examining data/rng-tools5-5/fips.c
Examining data/rng-tools5-5/fips.h
Examining data/rng-tools5-5/rngd.h
Examining data/rng-tools5-5/rngd_entsource.c
Examining data/rng-tools5-5/rngd_entsource.h
Examining data/rng-tools5-5/rngd_linux.c
Examining data/rng-tools5-5/rngd_linux.h
Examining data/rng-tools5-5/rngd_rdrand.c
Examining data/rng-tools5-5/rngtest.c
Examining data/rng-tools5-5/stats.c
Examining data/rng-tools5-5/stats.h
Examining data/rng-tools5-5/util.c
Examining data/rng-tools5-5/rngd.c

FINAL RESULTS:

data/rng-tools5-5/rngd.h:80:3:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be
  exploited (CWE-134). Use a constant format string for syslog.
  syslog((priority), fmt, ##args); \
data/rng-tools5-5/rngd.h:82:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(stderr, fmt, ##args); \
data/rng-tools5-5/contrib/rngtest.c:15:8:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  char random;
data/rng-tools5-5/contrib/rngtest.c:16:20:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  fscanf(dev,"%c",&random);
data/rng-tools5-5/contrib/rngtest.c:17:10:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  return random;
data/rng-tools5-5/contrib/rngtest.c:144:17:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  unsigned char random;
data/rng-tools5-5/contrib/randstat.c:17:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  random_fd = open("/dev/random", O_RDONLY);
data/rng-tools5-5/contrib/rngtest.c:147:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if(! (dev = fopen(RNG_DEVICE,"r"))) {
data/rng-tools5-5/fips.c:37:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *fips_test_names[N_FIPS_TESTS] = {
data/rng-tools5-5/fips.h:53:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  extern const char *fips_test_names[N_FIPS_TESTS];
data/rng-tools5-5/rngd.c:231:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[FIPS_RNG_BUFFER_SIZE];
data/rng-tools5-5/rngd_entsource.c:90:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  ent_src->rng_fd = open(ent_src->rng_name, O_RDWR);
data/rng-tools5-5/rngd_entsource.c:140:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(offset,temp_buf + TPM_GET_RNG_OVERHEAD,
data/rng-tools5-5/rngd_entsource.c:144:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(offset, temp_buf + TPM_GET_RNG_OVERHEAD, r);
data/rng-tools5-5/rngd_entsource.c:163:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tempbuf[4];
data/rng-tools5-5/rngd_entsource.c:178:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  ent_src->rng_fd = open(ent_src->rng_name, O_RDONLY);
data/rng-tools5-5/rngd_entsource.c:194:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  ent_src->rng_fd = open(ent_src->rng_name, O_RDWR);
data/rng-tools5-5/rngd_linux.c:61:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char psbuf[64], *p;
data/rng-tools5-5/rngd_linux.c:67:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen("/proc/sys/kernel/random/poolsize", "r");
data/rng-tools5-5/rngd_linux.c:99:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  random_fd = open(randomdev, O_RDWR);
data/rng-tools5-5/rngd_linux.c:106:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen("/proc/sys/kernel/random/write_wakeup_threshold", "w");
data/rng-tools5-5/rngd_linux.c:126:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char data[size];
data/rng-tools5-5/rngd_linux.c:131:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(entropy.data, buf, size);
data/rng-tools5-5/rngd_rdrand.c:139:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char iv_buf[CHUNK_SIZE] __attribute__((aligned(128)));
data/rng-tools5-5/rngd_rdrand.c:178:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char rdrand_buf[CHUNK_SIZE * RDRAND_ROUNDS]
data/rng-tools5-5/rngd_rdrand.c:181:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rdseed_buf[CHUNK_SIZE]
data/rng-tools5-5/rngd_rdrand.c:236:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p, data, chunk);
data/rng-tools5-5/rngd_rdrand.c:304:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char key[AES_BLOCK] = {
data/rng-tools5-5/rngd_rdrand.c:308:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char xkey[AES_BLOCK]; /* Material to XOR into the key */
data/rng-tools5-5/rngd_rdrand.c:338:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd = open("/dev/urandom", O_RDONLY);
data/rng-tools5-5/rngtest.c:146:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rng_buffer[FIPS_RNG_BUFFER_SIZE];
data/rng-tools5-5/rngtest.c:287:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[256];
data/rng-tools5-5/rngtest.c:327:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tempbuf[4];
data/rng-tools5-5/stats.c:40:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char stat_prefix[20] = "";
data/rng-tools5-5/stats.c:135:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that
  the size is larger than the maximum possible length.
  char unitscaled[20];
data/rng-tools5-5/util.c:38:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char str[32], *s;
data/rng-tools5-5/util.c:45:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%u\n", (unsigned int) getpid());
data/rng-tools5-5/util.c:48:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd = open(pid_fn, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR);
data/rng-tools5-5/rngd_entsource.c:58:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  r = read(ent_src->rng_fd, buf + off, size);
data/rng-tools5-5/rngd_entsource.c:130:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  r = read(ent_src->rng_fd, temp_buf,size);
data/rng-tools5-5/rngd_rdrand.c:340:3:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  read(fd, key, sizeof key);
data/rng-tools5-5/rngtest.c:217:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  r = read(0, buf + off, size);
data/rng-tools5-5/stats.c:45:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(stat_prefix, prefix, sizeof(stat_prefix)-1);
data/rng-tools5-5/stats.c:68:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(unit, baseunit, unitsize);
data/rng-tools5-5/util.c:75:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytes = strlen(str);

ANALYSIS SUMMARY:

Hits = 45
Lines analyzed = 2553 in approximately 0.08 seconds (32464 lines/second)
Physical Source Lines of Code (SLOC) = 1647
Hits@level = [0]  47 [1]   7 [2]  32 [3]   4 [4]   2 [5]   0
Hits@level+ = [0+]  92 [1+]  45 [2+]  38 [3+]   6 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 55.8591 [1+] 27.3224 [2+] 23.0723 [3+] 3.64299 [4+] 1.21433 [5+]   0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
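Editor's triage of the results above. The four level-3 "random" hits in contrib/rngtest.c are token matches on a variable named random (char random; and unsigned char random;), not calls to random(3); flawfinder suppresses a hit whose line carries a /* Flawfinder: ignore */ comment, which is the right disposition for those. The two level-4 hits are the ones to settle first: the macro at rngd.h:80 and rngd.h:82 forwards its fmt parameter straight to syslog() and fprintf(), which is safe only while every caller passes a string literal. The following is an added example, not rng-tools code, of how to make that rule enforceable: a wrapper with the printf format attribute so the compiler flags non-literal formats, the unsafe and the safe call shape side by side, and a small helper for counting the conversions an attacker-controlled string would introduce. Function names and the sample device name are ours.

```c
/* Added example (not rng-tools code): a variadic logging wrapper hardened
 * against CWE-134. The flawfinder hits at rngd.h:80 and rngd.h:82 flag a
 * macro that forwards its `fmt` parameter to syslog() and fprintf(); that is
 * safe only while every caller supplies a string literal. The format
 * attribute turns that rule into a compile-time check. Names are ours. */
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

static char last_line[256];   /* rendered output, kept so callers can inspect it */

/* printf-style checking: argument 2 is the format, variadic args start at 3.
 * GCC and Clang then warn (-Wformat-security) whenever `fmt` is not a literal. */
static void message(int priority, const char *fmt, ...)
    __attribute__((format(printf, 2, 3)));

static void message(int priority, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(last_line, sizeof last_line, fmt, ap);
    va_end(ap);
    (void)priority;           /* a daemon would hand fmt/ap to vsyslog() here */
}

/* Count '%' conversions in a string; "%%" is a literal percent sign and is
 * not counted. Useful when reviewing text that might end up as a format. */
static int count_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {    /* escaped percent */
            s++;
            continue;
        }
        n++;
    }
    return n;
}

/* Unsafe shape: a caller-chosen device name *is* the format string. Left
 * uncalled; it exists to show the line the format attribute makes the
 * compiler warn about. */
void log_open_failure_unsafe(const char *devname)
{
    message(LOG_ERR, devname);        /* warning: format not a string literal */
}

/* Safe shape: constant format, untrusted text passed as a %s argument, so
 * any '%' sequences in it are copied verbatim instead of being interpreted. */
static const char *log_open_failure_safe(const char *devname)
{
    message(LOG_ERR, "can't open %s", devname);
    return last_line;
}
```

Building with -Wformat -Wformat-security (or -Werror=format-security, as several distributions' hardening flags do) turns the unsafe shape into a build failure, which is the durable fix for a macro that is called from many places.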
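The CWE-362 hits on open() and fopen() (randstat.c:17, rngtest.c:147, rngd_entsource.c:90, 178 and 194, rngd_linux.c:67, 99 and 106, rngd_rdrand.c:338, util.c:48) all ask the same question: could the path resolve to something other than the intended file? The fixed /proc paths are the least interesting, since a symlink attack needs a writable parent directory. The entropy-source opens matter more: rngd runs as root and takes the device path from its command line, so the useful check is to refuse symlinks and to verify, on the descriptor rather than the path, that what was opened is a character device and not a regular file. The pid file created with O_CREAT at util.c:48 is the other case to look at, because a root process following a symlink there would write through it; O_NOFOLLOW (and O_EXCL where no stale file is expected) is the usual answer. The block below is an added example of the device check, not rng-tools code; the return codes, function names and the /tmp scratch paths are ours.

```c
/* Added example (not rng-tools code): opening an entropy source in a way
 * that answers the CWE-362 questions flawfinder raises for open()/fopen().
 * The descriptor is checked with fstat(); checking the path with stat()
 * first would reintroduce the check-then-use race. Names are ours. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

enum ent_open_result { ENT_OK = 0, ENT_OPEN_FAILED, ENT_NOT_CHARDEV };

/* O_NOFOLLOW: a symlink at the final component fails with ELOOP.
 * O_NOCTTY:   never acquire a controlling terminal if the path is a tty.
 * O_CLOEXEC:  the descriptor does not leak into child processes.
 * S_ISCHR on the opened descriptor rejects regular files, FIFOs and dirs. */
static enum ent_open_result open_entropy_source(const char *path, int *fd_out)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NOCTTY | O_CLOEXEC);
    if (fd < 0)
        return ENT_OPEN_FAILED;
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode)) {
        close(fd);
        return ENT_NOT_CHARDEV;
    }
    *fd_out = fd;
    return ENT_OK;
}

/* Returns 1 if `path` opens as a character device, 0 otherwise. */
static int accepts_chardev(const char *path)
{
    int fd;
    if (open_entropy_source(path, &fd) != ENT_OK)
        return 0;
    close(fd);
    return 1;
}

/* Constructed decoys in a scratch directory under /tmp: a regular file
 * posing as a device, or a symlink to a real character device. Exercises
 * both rejection paths without touching the system's real RNG devices. */
static enum ent_open_result try_decoy(int use_symlink)
{
    char dir[] = "/tmp/entsrc-XXXXXX";
    char path[64];
    int fd;
    enum ent_open_result r;

    if (mkdtemp(dir) == NULL)
        return ENT_OPEN_FAILED;
    snprintf(path, sizeof path, "%s/hwrng", dir);
    if (use_symlink) {
        if (symlink("/dev/null", path) != 0) {
            rmdir(dir);
            return ENT_OPEN_FAILED;
        }
    } else {
        int t = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
        if (t >= 0) {
            ssize_t w = write(t, "not entropy\n", 12);
            (void)w;
            close(t);
        }
    }
    r = open_entropy_source(path, &fd);
    if (r == ENT_OK)
        close(fd);
    unlink(path);
    rmdir(dir);
    return r;
}
```

O_NOFOLLOW only covers the final path component; if the device path can be supplied by an untrusted party, the directory it lives in also has to be one that party cannot write to, which is the "control its ancestors" clause in flawfinder's message.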
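The two strncpy hits (stats.c:45, stats.c:68) and the strlen hit (util.c:75) belong together. strncpy() writes no terminator when the source is n bytes or longer, and a later strlen() on such a buffer reads past its end. The sizeof(stat_prefix)-1 idiom at stats.c:45 is only correct because it relies on the array having been zero-initialised (static char stat_prefix[20] = "") and on its final byte never being written by anything else; strncpy(unit, baseunit, unitsize) at stats.c:68 copies a full unitsize bytes and so leaves termination to the caller. Added example, not rng-tools code: a probe that shows exactly when strncpy leaves no terminator, and a bounded copy that always terminates and reports truncation. The buffer size mirrors the 20-byte array in the report; the function names are ours.

```c
/* Added example (not rng-tools code): the termination problem behind the
 * strncpy hits at stats.c:45 and stats.c:68 and the strlen hit at util.c:75.
 * Names are ours; PREFIX_LEN mirrors the 20-byte stat_prefix array. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stddef.h>
#include <string.h>

#define PREFIX_LEN 20

/* Probe: strncpy(dst, src, dstsz) into a buffer pre-filled with a non-zero
 * sentinel, then look for a terminator inside the first dstsz bytes.
 * Returns 1 if strncpy left one, 0 if the buffer is unterminated. */
static int strncpy_leaves_terminator(const char *src, size_t dstsz)
{
    char dst[64];
    if (dstsz == 0 || dstsz > sizeof dst)
        return 0;
    memset(dst, 'X', sizeof dst);             /* nothing is zero to begin with */
    strncpy(dst, src, dstsz);
    return memchr(dst, '\0', dstsz) != NULL;
}

/* Bounded copy with guaranteed termination (strlcpy-style semantics).
 * Returns 1 if src was truncated to fit, 0 if it fit whole.
 * dst always ends with '\0' when dstsz > 0. */
static int copy_bounded(char *dst, size_t dstsz, const char *src)
{
    size_t n;
    if (dstsz == 0)
        return 1;
    n = strnlen(src, dstsz);                  /* never reads beyond dstsz bytes */
    if (n == dstsz) {                         /* src is dstsz bytes or longer */
        memcpy(dst, src, dstsz - 1);
        dst[dstsz - 1] = '\0';
        return 1;
    }
    memcpy(dst, src, n + 1);                  /* n bytes plus the terminator */
    return 0;
}

/* Mirrors the stats.c pattern: a fixed-size prefix filled from caller input. */
static char stat_prefix[PREFIX_LEN] = "";

/* Returns 1 if the prefix had to be truncated, 0 otherwise. */
static int set_stat_prefix(const char *prefix)
{
    return copy_bounded(stat_prefix, sizeof stat_prefix, prefix);
}

/* Safe to call strlen() here because copy_bounded() always terminates. */
static size_t stat_prefix_len(void)
{
    return strlen(stat_prefix);
}
```

The probe makes the "doesn't always \0-terminate" wording concrete: a 20-character source copied with n = 20 or n = 19 leaves no terminator inside the buffer, and only a source shorter than n is padded with zeros. Reporting truncation, as copy_bounded() does, is what lets a caller decide whether a silently shortened prefix or unit string is acceptable.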