Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/tcplay-1.1/crc32.c Examining data/tcplay-1.1/crc32.h Examining data/tcplay-1.1/crypto-dev.c Examining data/tcplay-1.1/crypto-gcrypt.c Examining data/tcplay-1.1/crypto.c Examining data/tcplay-1.1/generic_xts.c Examining data/tcplay-1.1/generic_xts.h Examining data/tcplay-1.1/hdr.c Examining data/tcplay-1.1/humanize.c Examining data/tcplay-1.1/humanize.h Examining data/tcplay-1.1/io.c Examining data/tcplay-1.1/main.c Examining data/tcplay-1.1/pbkdf2-gcrypt.c Examining data/tcplay-1.1/pbkdf2-openssl.c Examining data/tcplay-1.1/safe_mem.c Examining data/tcplay-1.1/tcplay_api.h Examining data/tcplay-1.1/tcplay_api_test.c Examining data/tcplay-1.1/tcplay.h Examining data/tcplay-1.1/tcplay_api.c Examining data/tcplay-1.1/tcplay.c FINAL RESULTS: data/tcplay-1.1/tcplay.c:87:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(tc_internal_log_buffer, LOG_BUFFER_SZ, fmt, ap); data/tcplay-1.1/tcplay.c:889:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(passphrase_out, pass); data/tcplay-1.1/tcplay.c:1560:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(ciphers, crypto_algo->name); data/tcplay-1.1/tcplay.c:1664:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dev, info->dev); data/tcplay-1.1/tcplay.c:1705:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(map, mapname); data/tcplay-1.1/tcplay.c:1707:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(map, "%s.%d", mapname, j); data/tcplay-1.1/tcplay.c:1782:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(params, 512, "%s %s %"PRIu64 " %s %"PRIu64, data/tcplay-1.1/tcplay.c:1826:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(dev, "/dev/mapper/%s.%d", mapname, j); data/tcplay-1.1/tcplay.c:1878:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(map, "%s.%d", mapname, i); data/tcplay-1.1/tcplay_api_test.c:50:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("dmsetup ls"); data/tcplay-1.1/main.c:245:15: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt_long(argc, argv, "a:b:cd:ef:ghij:k:m:s:u:vwx:y:z", data/tcplay-1.1/crypto-dev.c:109:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((cryptodev_fd = open("/dev/crypto", O_RDWR, 0)) < 0) { data/tcplay-1.1/crypto-gcrypt.c:178:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, in, len); data/tcplay-1.1/crypto.c:72:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dummy_chain->key, data/tcplay-1.1/crypto.c:75:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dummy_chain->key + dummy_chain->cipher->klen/2, data/tcplay-1.1/hdr.c:57:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iv[128]; data/tcplay-1.1/hdr.c:136:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iv[128]; data/tcplay-1.1/hdr.c:206:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dhdr->tc_str, "TRUE", 4); data/tcplay-1.1/hdr.c:281:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iv[128]; data/tcplay-1.1/humanize.c:167:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tcplay-1.1/io.c:57:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(file, O_RDONLY)) < 0) { data/tcplay-1.1/io.c:120:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open((weak) ? "/dev/urandom" : "/dev/random", O_RDONLY)) < 0) { data/tcplay-1.1/io.c:180:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ERASE_BUFFER_SIZE]; data/tcplay-1.1/io.c:189:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd_rand = open("/dev/urandom", O_RDONLY)) < 0) { data/tcplay-1.1/io.c:194:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(dev, O_WRONLY)) < 0) { data/tcplay-1.1/io.c:252:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(dev, O_RDONLY)) < 0) { data/tcplay-1.1/io.c:278:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(dev, O_RDONLY)) < 0) { data/tcplay-1.1/io.c:333:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem_buf + internal_off, mem, bytes); data/tcplay-1.1/io.c:336:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(dev, O_WRONLY)) < 0) { data/tcplay-1.1/main.c:213:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *keyfiles[MAX_KEYFILES]; data/tcplay-1.1/main.c:214:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *h_keyfiles[MAX_KEYFILES]; data/tcplay-1.1/main.c:215:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *new_keyfiles[MAX_KEYFILES]; data/tcplay-1.1/safe_mem.c:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sig[8]; /* SAFEMEM */ data/tcplay-1.1/safe_mem.c:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sig[8]; /* SAFEMEM */ data/tcplay-1.1/safe_mem.c:77:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(hdr->sig, "SAFEMEM"); data/tcplay-1.1/safe_mem.c:78:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(tail->sig, "SAFEMEM"); data/tcplay-1.1/tcplay.c:71:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tc_internal_log_buffer[LOG_BUFFER_SZ]; data/tcplay-1.1/tcplay.c:213:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(elem, src, sizeof(*elem)); data/tcplay-1.1/tcplay.c:222:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(elem->key, src->key, src->cipher->klen); data/tcplay-1.1/tcplay.c:284:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char sbuf[256]; data/tcplay-1.1/tcplay.c:395:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&cipher_chain->dm_key[i*2], "%02x", data/tcplay-1.1/tcplay.c:529:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/tcplay-1.1/tcplay.c:676:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%zu bytes", (blocks * blksz)); data/tcplay-1.1/tcplay.c:1341:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX]; data/tcplay-1.1/tcplay.c:1512:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[PATH_MAX]; data/tcplay-1.1/tcplay.c:1513:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ciphers[512]; data/tcplay-1.1/tcplay.c:1645:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *uu_stack[64]; data/tcplay-1.1/tcplay.c:1653:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dev[PATH_MAX]; data/tcplay-1.1/tcplay.c:1654:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[PATH_MAX]; data/tcplay-1.1/tcplay.c:1868:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[PATH_MAX]; data/tcplay-1.1/tcplay.c:1914:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ciphers[8]; data/tcplay-1.1/tcplay.h:99:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dm_key[MAX_KEYSZ*2 + 1]; data/tcplay-1.1/tcplay.h:106:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char salt[SALT_LEN]; /* Salt for PBKDF */ data/tcplay-1.1/tcplay.h:107:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char enc[448]; /* Encrypted part of the header */ data/tcplay-1.1/tcplay.h:111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tc_str[4]; /* ASCII string "TRUE" */ data/tcplay-1.1/tcplay.h:129:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char unused3[120]; data/tcplay-1.1/tcplay.h:131:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char keys[256]; data/tcplay-1.1/tcplay.h:135:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dev[PATH_MAX]; data/tcplay-1.1/tcplay.h:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAX_KEYSZ*2 + 1]; data/tcplay-1.1/tcplay.h:162:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device[PATH_MAX]; /* Underlying device */ data/tcplay-1.1/tcplay.h:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target[256]; /* DM Target type */ data/tcplay-1.1/tcplay.h:167:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cipher[256]; /* Cipher */ data/tcplay-1.1/tcplay_api.h:82:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tc_device[1024]; data/tcplay-1.1/tcplay_api.h:83:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tc_cipher[256]; data/tcplay-1.1/tcplay_api.h:84:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tc_prf[64]; data/tcplay-1.1/crypto.c:216:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pl = strlen((char *)pass); data/tcplay-1.1/humanize.c:85:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf); data/tcplay-1.1/io.c:72:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((r = read(fd, mem, *sz)) <= 0) { data/tcplay-1.1/io.c:137:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((r = read(fd, buf+rd, sz)) < 0) { data/tcplay-1.1/io.c:212:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((r = read(fd_rand, buf, sz)) < 0) { data/tcplay-1.1/io.c:419:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n = read(fd, pass, bufsz-1); data/tcplay-1.1/io.c:427:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(pass) > MAX_PASSSZ) data/tcplay-1.1/tcplay.c:369:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(info->dev, dev, sizeof(info->dev)); data/tcplay-1.1/tcplay.c:592:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pass, passphrase, MAX_PASSSZ); data/tcplay-1.1/tcplay.c:640:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(h_pass, h_passphrase, MAX_PASSSZ); data/tcplay-1.1/tcplay.c:690:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf[strlen(buf)-1] = '\0'; data/tcplay-1.1/tcplay.c:755:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (nkeyfiles > 0)?MAX_PASSSZ:strlen(pass), data/tcplay-1.1/tcplay.c:765:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (n_hkeyfiles > 0)?MAX_PASSSZ:strlen(h_pass), h_prf_algo, data/tcplay-1.1/tcplay.c:883:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pass, passphrase, MAX_PASSSZ); data/tcplay-1.1/tcplay.c:918:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(h_pass, passphrase_hidden, MAX_PASSSZ); data/tcplay-1.1/tcplay.c:963:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (nkeyfiles > 0)?MAX_PASSSZ:strlen(pass), data/tcplay-1.1/tcplay.c:974:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (nkeyfiles > 0)?MAX_PASSSZ:strlen(pass), hehdr, data/tcplay-1.1/tcplay.c:979:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (n_hkeyfiles > 0)?MAX_PASSSZ:strlen(h_pass), hehdr, data/tcplay-1.1/tcplay.c:1214:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pass, new_passphrase, MAX_PASSSZ); data/tcplay-1.1/tcplay.c:1229:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (n_newkeyfiles > 0)?MAX_PASSSZ:strlen(pass), data/tcplay-1.1/tcplay.c:1365:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (((strncmp(ent->d_name, "dm-", 3) == 0) && strlen(ent->d_name) <= 5))) data/tcplay-1.1/tcplay.c:1433:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tc_table->target, target_type, data/tcplay-1.1/tcplay.c:1449:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tc_table->cipher, p1, data/tcplay-1.1/tcplay.c:1523:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(map, map_name, PATH_MAX); data/tcplay-1.1/tcplay.c:1561:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(ciphers, ","); data/tcplay-1.1/tcplay.c:1563:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ciphers[strlen(ciphers)-1] = '\0'; data/tcplay-1.1/tcplay.c:1572:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(info->dev, dm_table[outermost]->device, sizeof(info->dev)); data/tcplay-1.1/tcplay.c:1951:27: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if ((k == nciphers) && !mismatch) { data/tcplay-1.1/tcplay_api.c:241:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_info->tc_prf, info->pbkdf_prf->name, sizeof(vol_info->tc_prf)); data/tcplay-1.1/tcplay_api.c:245:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_info->tc_device, info->dev, sizeof(vol_info->tc_device)); data/tcplay-1.1/tcplay_api.c:273:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(vol_info->tc_prf, "(unknown)", sizeof(vol_info->tc_prf)); data/tcplay-1.1/tcplay_api.c:277:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(vol_info->tc_device, info->dev, sizeof(vol_info->tc_device)); ANALYSIS SUMMARY: Hits = 97 Lines analyzed = 5638 in approximately 0.19 seconds (29427 lines/second) Physical Source Lines of Code (SLOC) = 4088 Hits@level = [0] 79 [1] 32 [2] 54 [3] 1 [4] 10 [5] 0 Hits@level+ = [0+] 176 [1+] 97 [2+] 65 [3+] 11 [4+] 10 [5+] 0 Hits/KSLOC@level+ = [0+] 43.0528 [1+] 23.728 [2+] 15.9002 [3+] 2.6908 [4+] 2.44618 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.