Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/signify-openbsd-30/base64.c
Examining data/signify-openbsd-30/bcrypt_pbkdf.c
Examining data/signify-openbsd-30/blf.h
Examining data/signify-openbsd-30/blowfish.c
Examining data/signify-openbsd-30/compat.h
Examining data/signify-openbsd-30/crypto_api.c
Examining data/signify-openbsd-30/crypto_api.h
Examining data/signify-openbsd-30/explicit_bzero.c
Examining data/signify-openbsd-30/explicit_bzero.h
Examining data/signify-openbsd-30/fe25519.c
Examining data/signify-openbsd-30/fe25519.h
Examining data/signify-openbsd-30/ge25519.h
Examining data/signify-openbsd-30/helper.c
Examining data/signify-openbsd-30/mod_ed25519.c
Examining data/signify-openbsd-30/mod_ge25519.c
Examining data/signify-openbsd-30/ohash.c
Examining data/signify-openbsd-30/ohash.h
Examining data/signify-openbsd-30/pledge_noop.c
Examining data/signify-openbsd-30/pledge_waive.c
Examining data/signify-openbsd-30/sc25519.c
Examining data/signify-openbsd-30/sc25519.h
Examining data/signify-openbsd-30/sha2.c
Examining data/signify-openbsd-30/sha2.h
Examining data/signify-openbsd-30/signify.c
Examining data/signify-openbsd-30/signify.h
Examining data/signify-openbsd-30/timingsafe_bcmp.c
Examining data/signify-openbsd-30/zsig.c
FINAL RESULTS:
data/signify-openbsd-30/signify.c:408:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
nr = snprintf(sigcomment, sizeof(sigcomment),
data/signify-openbsd-30/signify.c:778:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "CGSVzc:em:np:qs:t:x:")) != -1) {
data/signify-openbsd-30/fe25519.c:98:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void fe25519_unpack(fe25519 *r, const unsigned char x[32])
data/signify-openbsd-30/fe25519.c:106:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void fe25519_pack(unsigned char r[32], const fe25519 *x)
data/signify-openbsd-30/fe25519.h:40:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void fe25519_unpack(fe25519 *r, const unsigned char x[32]);
data/signify-openbsd-30/fe25519.h:42:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void fe25519_pack(unsigned char r[32], const fe25519 *x);
data/signify-openbsd-30/ge25519.h:33:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int ge25519_unpackneg_vartime(ge25519 *r, const unsigned char p[32]);
data/signify-openbsd-30/ge25519.h:35:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ge25519_pack(unsigned char r[32], const ge25519 *p);
data/signify-openbsd-30/helper.c:70:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(filename, O_RDONLY)) == -1)
data/signify-openbsd-30/mod_ed25519.c:32:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char extsk[64];
data/signify-openbsd-30/mod_ed25519.c:58:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char r[32];
data/signify-openbsd-30/mod_ed25519.c:59:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char s[32];
data/signify-openbsd-30/mod_ed25519.c:60:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char extsk[64];
data/signify-openbsd-30/mod_ed25519.c:62:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hmg[crypto_hash_sha512_BYTES];
data/signify-openbsd-30/mod_ed25519.c:63:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hram[crypto_hash_sha512_BYTES];
data/signify-openbsd-30/mod_ed25519.c:110:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char t2[32];
data/signify-openbsd-30/mod_ed25519.c:113:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hram[crypto_hash_sha512_BYTES];
data/signify-openbsd-30/mod_ge25519.c:201:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int ge25519_unpackneg_vartime(ge25519_p3 *r, const unsigned char p[32])
data/signify-openbsd-30/mod_ge25519.c:248:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ge25519_pack(unsigned char r[32], const ge25519_p3 *p)
data/signify-openbsd-30/mod_ge25519.c:271:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char b[127];
data/signify-openbsd-30/mod_ge25519.c:314:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char b[85];
data/signify-openbsd-30/ohash.c:53:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p+i->key_offset, start, *end-start);
data/signify-openbsd-30/sc25519.c:34:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char t[32];
data/signify-openbsd-30/sc25519.c:100:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_from32bytes(sc25519 *r, const unsigned char x[32])
data/signify-openbsd-30/sc25519.c:109:63: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void shortsc25519_from16bytes(shortsc25519 *r, const unsigned char x[16])
data/signify-openbsd-30/sc25519.c:115:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_from64bytes(sc25519 *r, const unsigned char x[64])
data/signify-openbsd-30/sc25519.c:132:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_to32bytes(unsigned char r[32], const sc25519 *x)
data/signify-openbsd-30/sc25519.c:219:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_window3(signed char r[85], const sc25519 *s)
data/signify-openbsd-30/sc25519.c:256:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_window5(signed char r[51], const sc25519 *s)
data/signify-openbsd-30/sc25519.c:293:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_2interleave2(unsigned char r[127], const sc25519 *s1, const sc25519 *s2)
data/signify-openbsd-30/sc25519.h:44:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_from32bytes(sc25519 *r, const unsigned char x[32]);
data/signify-openbsd-30/sc25519.h:46:63: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void shortsc25519_from16bytes(shortsc25519 *r, const unsigned char x[16]);
data/signify-openbsd-30/sc25519.h:48:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_from64bytes(sc25519 *r, const unsigned char x[64]);
data/signify-openbsd-30/sc25519.h:52:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_to32bytes(unsigned char r[32], const sc25519 *x);
data/signify-openbsd-30/sc25519.h:71:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_window3(signed char r[85], const sc25519 *s);
data/signify-openbsd-30/sc25519.h:76:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_window5(signed char r[51], const sc25519 *s);
data/signify-openbsd-30/sc25519.h:78:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sc25519_2interleave2(unsigned char r[127], const sc25519 *s1, const sc25519 *s2);
data/signify-openbsd-30/sha2.c:307:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(context->state.st32, sha224_initial_hash_value,
data/signify-openbsd-30/sha2.c:333:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, context->state.st32, SHA224_DIGEST_LENGTH);
data/signify-openbsd-30/sha2.c:344:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(context->state.st32, sha256_initial_hash_value,
data/signify-openbsd-30/sha2.c:526:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&context->buffer[usedspace], data, freespace);
data/signify-openbsd-30/sha2.c:533:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&context->buffer[usedspace], data, len);
data/signify-openbsd-30/sha2.c:549:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(context->buffer, data, len);
data/signify-openbsd-30/sha2.c:613:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH);
data/signify-openbsd-30/sha2.c:624:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(context->state.st64, sha512_initial_hash_value,
data/signify-openbsd-30/sha2.c:807:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&context->buffer[usedspace], data, freespace);
data/signify-openbsd-30/sha2.c:814:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&context->buffer[usedspace], data, len);
data/signify-openbsd-30/sha2.c:830:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(context->buffer, data, len);
data/signify-openbsd-30/sha2.c:894:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH);
data/signify-openbsd-30/sha2.c:906:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(context->state.st64, sha384_initial_hash_value,
data/signify-openbsd-30/sha2.c:932:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH);
data/signify-openbsd-30/sha2.c:943:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(context->state.st64, sha512_256_initial_hash_value,
data/signify-openbsd-30/sha2.c:969:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, context->state.st64, SHA512_256_DIGEST_LENGTH);
data/signify-openbsd-30/signify.c:106:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(fname, oflags, mode);
data/signify-openbsd-30/signify.c:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b64[2048];
data/signify-openbsd-30/signify.c:231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b64[1024];
data/signify-openbsd-30/signify.c:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pass[1024];
data/signify-openbsd-30/signify.c:276:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pass2[1024];
data/signify-openbsd-30/signify.c:301:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sig, sigbuf, SIGBYTES);
data/signify-openbsd-30/signify.c:314:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char commentbuf[COMMENTMAXLEN];
data/signify-openbsd-30/signify.c:325:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(enckey.pkalg, PKALG, 2);
data/signify-openbsd-30/signify.c:326:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(enckey.kdfalg, KDFALG, 2);
data/signify-openbsd-30/signify.c:328:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(enckey.keynum, keynum, KEYNUMLEN);
data/signify-openbsd-30/signify.c:344:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pubkey.pkalg, PKALG, 2);
data/signify-openbsd-30/signify.c:345:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pubkey.keynum, keynum, KEYNUMLEN);
data/signify-openbsd-30/signify.c:398:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[COMMENTMAXLEN], sigcomment[COMMENTMAXLEN];
data/signify-openbsd-30/signify.c:430:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sig.keynum, enckey.keynum, KEYNUMLEN);
data/signify-openbsd-30/signify.c:433:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sig.pkalg, PKALG, 2);
data/signify-openbsd-30/signify.c:476:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sigbuf, sig->sig, SIGBYTES);
data/signify-openbsd-30/signify.c:477:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sigbuf + SIGBYTES, msg, msglen);
data/signify-openbsd-30/signify.c:512:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keypath[PATH_MAX];
data/signify-openbsd-30/signify.c:534:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sigcomment[COMMENTMAXLEN];
data/signify-openbsd-30/signify.c:554:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sigcomment[COMMENTMAXLEN];
data/signify-openbsd-30/signify.c:598:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_MAX];
data/signify-openbsd-30/signify.c:599:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash[HASHBUFSIZE];
data/signify-openbsd-30/signify.c:600:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char algo[32];
data/signify-openbsd-30/signify.c:636:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HASHBUFSIZE];
data/signify-openbsd-30/signify.c:738:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sigcomment[COMMENTMAXLEN];
data/signify-openbsd-30/signify.c:759:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sigfilebuf[PATH_MAX];
data/signify-openbsd-30/zsig.c:151:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, residual, n);
data/signify-openbsd-30/zsig.c:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[80];
data/signify-openbsd-30/blowfish.c:691:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blf_key(&c, (u_int8_t *) key2, strlen(key2));
data/signify-openbsd-30/fe25519.c:14:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
static crypto_uint32 equal(crypto_uint32 a,crypto_uint32 b) /* 16-bit inputs */
data/signify-openbsd-30/fe25519.c:85:21: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
crypto_uint32 m = equal(r->v[31],127);
data/signify-openbsd-30/fe25519.c:87:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
m &= equal(r->v[i],255);
data/signify-openbsd-30/fe25519.c:121:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
r = equal(t.v[0],0);
data/signify-openbsd-30/fe25519.c:123:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
r &= equal(t.v[i],0);
data/signify-openbsd-30/helper.c:88:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((nr = read(fd, buffer, MINIMUM(sizeof(buffer), len))) > 0) {
data/signify-openbsd-30/mod_ge25519.c:156:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
static unsigned char equal(signed char b,signed char c)
data/signify-openbsd-30/mod_ge25519.c:179:55: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
cmov_aff(t, &ge25519_base_multiples_affine[5*pos+1],equal(b,1) | equal(b,-1));
data/signify-openbsd-30/mod_ge25519.c:179:68: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
cmov_aff(t, &ge25519_base_multiples_affine[5*pos+1],equal(b,1) | equal(b,-1));
data/signify-openbsd-30/mod_ge25519.c:180:55: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
cmov_aff(t, &ge25519_base_multiples_affine[5*pos+2],equal(b,2) | equal(b,-2));
data/signify-openbsd-30/mod_ge25519.c:180:68: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
cmov_aff(t, &ge25519_base_multiples_affine[5*pos+2],equal(b,2) | equal(b,-2));
data/signify-openbsd-30/mod_ge25519.c:181:55: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
cmov_aff(t, &ge25519_base_multiples_affine[5*pos+3],equal(b,3) | equal(b,-3));
data/signify-openbsd-30/mod_ge25519.c:181:68: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
cmov_aff(t, &ge25519_base_multiples_affine[5*pos+3],equal(b,3) | equal(b,-3));
data/signify-openbsd-30/mod_ge25519.c:182:55: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
cmov_aff(t, &ge25519_base_multiples_affine[5*pos+4],equal(b,-4));
data/signify-openbsd-30/ohash.c:50:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*end = start + strlen(start);
data/signify-openbsd-30/ohash.c:212:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*e = s + strlen(s);
data/signify-openbsd-30/sha2.c:90:32: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
#error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN
data/signify-openbsd-30/signify.c:162:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((rv = read(fd, b64, sizeof(b64) - 1)) == -1)
data/signify-openbsd-30/signify.c:198:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((x = read(fd, msg + msglen, space)) == -1)
data/signify-openbsd-30/signify.c:250:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
writeall(fd, header, strlen(header), filename);
data/signify-openbsd-30/signify.c:251:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
explicit_bzero(header, strlen(header));
data/signify-openbsd-30/signify.c:273:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pass) == 0)
data/signify-openbsd-30/signify.c:284:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!errstr && bcrypt_pbkdf(pass, strlen(pass), salt, saltlen, key,
data/signify-openbsd-30/signify.c:364:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(seckeyfile);
data/signify-openbsd-30/signify.c:374:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pubkeyfile) != len)
data/signify-openbsd-30/signify.c:409:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
VERIFYWITH "%.*s.pub", (int)strlen(keyname) - 4, keyname);
data/signify-openbsd-30/signify.c:453:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
writeall(fd, sighdr, strlen(sighdr), sigfile);
data/signify-openbsd-30/signify.c:496:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
typelen = strlen(keytype);
data/signify-openbsd-30/signify.c:517:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pubkeyfile += strlen(VERIFYWITH);
data/signify-openbsd-30/signify.c:625:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hash) == len)
data/signify-openbsd-30/signify.c:684:8: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
rv = sscanf(line, "%31s (%1023[^)]) = %223s",
data/signify-openbsd-30/zsig.c:75:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(fd, buf+len, sz-len);
data/signify-openbsd-30/zsig.c:156:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t more = read(fdin, buffer+n, bufsize-n);
data/signify-openbsd-30/zsig.c:277:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t n = read(fdin, buffer, bufsize);
data/signify-openbsd-30/zsig.c:295:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
writeall(fdout, sighdr, strlen(sighdr), sigfile);
data/signify-openbsd-30/zsig.c:305:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t n = read(fdin, buffer, bufsize);
ANALYSIS SUMMARY:
Hits = 118
Lines analyzed = 5840 in approximately 0.20 seconds (29017 lines/second)
Physical Source Lines of Code (SLOC) = 4311
Hits@level = [0] 16 [1] 37 [2] 79 [3] 1 [4] 1 [5] 0
Hits@level+ = [0+] 134 [1+] 118 [2+] 81 [3+] 2 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 31.0833 [1+] 27.3718 [2+] 18.7891 [3+] 0.463929 [4+] 0.231965 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.