Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ykclient-2.15/cdecode.c
Examining data/ykclient-2.15/ykclient_server_response.c
Examining data/ykclient-2.15/ykclient_version.h
Examining data/ykclient-2.15/ykclient.c
Examining data/ykclient-2.15/tests/selftest.c
Examining data/ykclient-2.15/sha384-512.c
Examining data/ykclient-2.15/sha224-256.c
Examining data/ykclient-2.15/ykclient_errors.h
Examining data/ykclient-2.15/sha.h
Examining data/ykclient-2.15/ykclient_server_response.h
Examining data/ykclient-2.15/ykclient_version.c
Examining data/ykclient-2.15/tool.c
Examining data/ykclient-2.15/cdecode.h
Examining data/ykclient-2.15/usha.c
Examining data/ykclient-2.15/sha-private.h
Examining data/ykclient-2.15/cencode.h
Examining data/ykclient-2.15/cencode.c
Examining data/ykclient-2.15/hmac.c
Examining data/ykclient-2.15/sha1.c
Examining data/ykclient-2.15/ykclient.h
FINAL RESULTS:
data/ykclient-2.15/tests/selftest.c:39:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf xX; \
data/ykclient-2.15/ykclient.c:895:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf (*url_exp, len, "%s" ADD_ID "%d" ADD_NONCE "%s" ADD_OTP "%s" ADD_TS,
data/ykclient-2.15/ykclient.c:900:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf (*url_exp, len, "%s" ADD_ID "%d" ADD_OTP "%s" ADD_TS, template,
data/ykclient-2.15/ykclient.c:922:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
wrote = snprintf (*url_exp, len, template, client_id, encoded_otp);
data/ykclient-2.15/tool.c:88:15: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt_long (argc, argv, "",
data/ykclient-2.15/ykclient.c:857:7: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom (tv.tv_sec * tv.tv_usec);
data/ykclient-2.15/ykclient.c:861:12: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
p[i] = (random () % 26) + 'a';
data/ykclient-2.15/hmac.c:39:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
hmac (SHAversion whichSha, const unsigned char *text, int text_len,
data/ykclient-2.15/hmac.c:40:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *key, int key_len, uint8_t digest[USHAMaxHashSize])
data/ykclient-2.15/hmac.c:75:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k_ipad[USHA_Max_Message_Block_Size];
data/ykclient-2.15/hmac.c:78:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tempkey[USHAMaxHashSize];
data/ykclient-2.15/sha.h:180:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k_opad[USHA_Max_Message_Block_Size];
data/ykclient-2.15/tests/selftest.c:94:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b64dig[64];
data/ykclient-2.15/tests/selftest.c:95:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ykclient-2.15/tests/selftest.c:126:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key1[20];
data/ykclient-2.15/tests/selftest.c:134:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char text3[50];
data/ykclient-2.15/tests/selftest.c:136:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key3[20];
data/ykclient-2.15/tests/selftest.c:140:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char text4[50];
data/ykclient-2.15/tests/selftest.c:146:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key5[20];
data/ykclient-2.15/tests/selftest.c:151:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key6[80];
data/ykclient-2.15/tests/selftest.c:156:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key7[80];
data/ykclient-2.15/ykclient.c:68:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_url[256];
data/ykclient-2.15/ykclient.c:253:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&(curl_data->curl_chunk[curl_data->curl_chunk_size]), ptr,
data/ykclient-2.15/ykclient.c:1039:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b64dig[3 * 4 * SHA1HashSize + 1];
data/ykclient-2.15/ykclient_server_response.c:328:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server_digest[SHA1HashSize + 1];
data/ykclient-2.15/tool.c:96:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (optarg) < 16)
data/ykclient-2.15/tool.c:120:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (optarg) < 1)
data/ykclient-2.15/tool.c:130:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (optarg) < 1)
data/ykclient-2.15/tool.c:140:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) < 1)
data/ykclient-2.15/tool.c:177:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (*token) < 32)
data/ykclient-2.15/ykclient.c:494:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_len = strlen (key);
data/ykclient-2.15/ykclient.c:547:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_len = strlen (key);
data/ykclient-2.15/ykclient.c:878:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (template) + strlen (encoded_otp) + strlen (ADD_OTP) +
data/ykclient-2.15/ykclient.c:878:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (template) + strlen (encoded_otp) + strlen (ADD_OTP) +
data/ykclient-2.15/ykclient.c:878:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (template) + strlen (encoded_otp) + strlen (ADD_OTP) +
data/ykclient-2.15/ykclient.c:879:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ADD_ID) + strlen(ADD_TS) + 1;
data/ykclient-2.15/ykclient.c:879:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ADD_ID) + strlen(ADD_TS) + 1;
data/ykclient-2.15/ykclient.c:884:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen (nonce) + strlen (ADD_NONCE);
data/ykclient-2.15/ykclient.c:884:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen (nonce) + strlen (ADD_NONCE);
data/ykclient-2.15/ykclient.c:915:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (template) + strlen (encoded_otp) + 20;
data/ykclient-2.15/ykclient.c:915:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (template) + strlen (encoded_otp) + 20;
data/ykclient-2.15/ykclient.c:936:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (*url_exp) + strlen (ADD_NONCE) + strlen (nonce) + 1;
data/ykclient-2.15/ykclient.c:936:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (*url_exp) + strlen (ADD_NONCE) + strlen (nonce) + 1;
data/ykclient-2.15/ykclient.c:936:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (*url_exp) + strlen (ADD_NONCE) + strlen (nonce) + 1;
data/ykclient-2.15/ykclient.c:1055:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
res = hmac (SHA1, (unsigned char *) text, strlen (text),
data/ykclient-2.15/ykclient.c:1082:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ykh->url_exp[i]) + strlen (ADD_HASH) +
data/ykclient-2.15/ykclient.c:1082:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ykh->url_exp[i]) + strlen (ADD_HASH) +
data/ykclient-2.15/ykclient.c:1083:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (signature) + 1;
data/ykclient-2.15/ykclient.c:1306:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (ykc->last_url, url_used, sizeof (ykc->last_url));
data/ykclient-2.15/ykclient_server_response.c:228:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (param->key, pos, index);
data/ykclient-2.15/ykclient_server_response.c:248:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (param->value, pos, index);
data/ykclient-2.15/ykclient_server_response.c:308:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (iter->parameter->key)))
data/ykclient-2.15/ykclient_server_response.c:313:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (iter->parameter->value)))
data/ykclient-2.15/ykclient_server_response.c:332:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (serv_response->signature->value),
ANALYSIS SUMMARY:
Hits = 54
Lines analyzed = 6403 in approximately 0.19 seconds (33645 lines/second)
Physical Source Lines of Code (SLOC) = 3720
Hits@level = [0] 100 [1] 29 [2] 18 [3] 3 [4] 4 [5] 0
Hits@level+ = [0+] 154 [1+] 54 [2+] 25 [3+] 7 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 41.3978 [1+] 14.5161 [2+] 6.72043 [3+] 1.88172 [4+] 1.07527 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.