Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/aespipe-2.4d/aes.c
Examining data/aespipe-2.4d/aes.h
Examining data/aespipe-2.4d/aespipe.c
Examining data/aespipe-2.4d/md5.c
Examining data/aespipe-2.4d/md5.h
Examining data/aespipe-2.4d/rmd160.c
Examining data/aespipe-2.4d/rmd160.h
Examining data/aespipe-2.4d/sha512.c
Examining data/aespipe-2.4d/sha512.h

FINAL RESULTS:

data/aespipe-2.4d/aespipe.c:188:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(e[x++], "HOME=%s", h);
data/aespipe-2.4d/aespipe.c:194:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(e[x++], "GPG_AGENT_INFO=%s", gpgAgentSocket);
data/aespipe-2.4d/aespipe.c:255:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(h, progName);
data/aespipe-2.4d/aespipe.c:386:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s, p);
data/aespipe-2.4d/aespipe.c:424:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s, p);
data/aespipe-2.4d/aespipe.c:426:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(s, seed);
data/aespipe-2.4d/aes.c:150:50: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  # define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
data/aespipe-2.4d/aes.c:150:90: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  # define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
data/aespipe-2.4d/aes.c:150:134: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  # define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
data/aespipe-2.4d/aes.c:150:179: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  # define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
data/aespipe-2.4d/aes.c:151:37: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  # define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
data/aespipe-2.4d/aes.c:151:67: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  # define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
data/aespipe-2.4d/aes.c:151:102: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  # define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
data/aespipe-2.4d/aes.c:151:138: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  # define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
data/aespipe-2.4d/aes.c:229:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char s_box[256] =
data/aespipe-2.4d/aes.c:267:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char inv_s_box[256] =
data/aespipe-2.4d/aes.c:725:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char s_box[256]; // the S box
data/aespipe-2.4d/aes.c:726:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char inv_s_box[256]; // the inverse S box
data/aespipe-2.4d/aes.c:831:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char pow[512], log[256];
data/aespipe-2.4d/aespipe.c:80:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *multiKeyPass[66];
data/aespipe-2.4d/aespipe.c:143:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(n, p, y);
data/aespipe-2.4d/aespipe.c:168:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[10], *a[16], *e[3], *h;
data/aespipe-2.4d/aespipe.c:207:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((x = open(gpgKeyFile, O_RDONLY)) == -1) {
data/aespipe-2.4d/aespipe.c:216:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%d", pfdi[0]);
data/aespipe-2.4d/aespipe.c:224:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((x = open("/dev/null", O_WRONLY)) >= 0) {
data/aespipe-2.4d/aespipe.c:261:17: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(h, "gpg");
data/aespipe-2.4d/aespipe.c:320:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("/dev/tty", O_RDWR);
data/aespipe-2.4d/aespipe.c:371:28: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((passFDnumber = open(clearTextKeyFile, O_RDONLY)) == -1) {
data/aespipe-2.4d/aespipe.c:475:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char tmpBuf[20 + 20];
data/aespipe-2.4d/aespipe.c:476:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char pwdCopy[130];
data/aespipe-2.4d/aespipe.c:484:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pwdCopy + 1, ib, ile);
data/aespipe-2.4d/aespipe.c:486:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ob, tmpBuf, ole);
data/aespipe-2.4d/aespipe.c:548:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sbuf, data, 48);
data/aespipe-2.4d/aespipe.c:583:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sbuf[0], data, 48);
data/aespipe-2.4d/aespipe.c:584:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sbuf[16], data + (512/4), 48);
data/aespipe-2.4d/aespipe.c:621:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], bfp, 16);
data/aespipe-2.4d/aespipe.c:626:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ivbuf, bfp, 16);
data/aespipe-2.4d/aespipe.c:636:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], bfp, 16);
data/aespipe-2.4d/aespipe.c:641:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ivbuf, bfp, 16);
data/aespipe-2.4d/aespipe.c:648:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[0], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:649:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:666:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], bfp, 16);
data/aespipe-2.4d/aespipe.c:671:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ivbuf, bfp, 16);
data/aespipe-2.4d/aespipe.c:678:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ivbuf, &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:697:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], bfp, 16);
data/aespipe-2.4d/aespipe.c:702:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ivbuf, &ivbuf[2], 16);
data/aespipe-2.4d/aespipe.c:721:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[0], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:722:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:761:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ivbuf, &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:846:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[0], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:847:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:865:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[0], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:901:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[0], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:902:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:915:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[0], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:967:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[0], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:968:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:985:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ivbuf, &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:1021:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[0], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:1022:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[2], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:1023:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&ivbuf[4], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:1024:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ivbuf[6], &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:1042:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ivbuf, &partialMD5[0], 16);
data/aespipe-2.4d/aespipe.c:1158:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char hb[64];
data/aespipe-2.4d/aespipe.c:1338:29: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (*hf)((unsigned char *)multiKeyPass[r], t, &hbu.hb[0], 32);
data/aespipe-2.4d/aespipe.c:1375:22: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char tempkey[32];
data/aespipe-2.4d/aespipe.c:1392:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&tku.tempkey[0], &hbu.hb[8], 8);
data/aespipe-2.4d/aespipe.c:1393:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&hbu.hb[8], &hbu.hb[16], 8);
data/aespipe-2.4d/aespipe.c:1394:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&hbu.hb[16], &tku.tempkey[0], 8);
data/aespipe-2.4d/rmd160.c:214:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( x, data, 64 );
data/aespipe-2.4d/rmd160.c:531:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( outbuf, hd.buf, 20 );
data/aespipe-2.4d/sha512.c:96:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ctx->sha_H[0], &sha256_hashInit[0], sizeof(ctx->sha_H));
data/aespipe-2.4d/sha512.c:234:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ob, &ctx.sha_out[0], ole);
data/aespipe-2.4d/sha512.c:243:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ctx->sha_H[0], &sha512_hashInit[0], sizeof(ctx->sha_H));
data/aespipe-2.4d/sha512.c:405:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ob, &ctx.sha_out[0], ole);
data/aespipe-2.4d/sha512.c:413:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ctx->sha_H[0], &sha384_hashInit[0], sizeof(ctx->sha_H));
data/aespipe-2.4d/sha512.c:429:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ob, &ctx.sha_out[0], ole);
data/aespipe-2.4d/sha512.h:13:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sha_out[64]; /* results are here, bytes 0...31 */
data/aespipe-2.4d/sha512.h:20:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sha_out[128]; /* results are here, bytes 0...63 */
data/aespipe-2.4d/aespipe.c:114:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  z = read(fd, buf + x, y);
data/aespipe-2.4d/aespipe.c:183:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!(e[x] = malloc(strlen(h) + 6))) {
data/aespipe-2.4d/aespipe.c:191:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!(e[x] = malloc(strlen(gpgAgentSocket) + 16))) {
data/aespipe-2.4d/aespipe.c:253:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  x = strlen(progName);
data/aespipe-2.4d/aespipe.c:260:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(h) > 0) {
data/aespipe-2.4d/aespipe.c:277:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  x = strlen(pass);
data/aespipe-2.4d/aespipe.c:297:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(multiKeyPass[x]) < AESPIPE_PASSWORD_MIN_LENGTH) break;
data/aespipe-2.4d/aespipe.c:327:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rd_wr_retry(fd, prompt, strlen(prompt), 1);
data/aespipe-2.4d/aespipe.c:352:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(multiKeyPass[x]) < AESPIPE_PASSWORD_MIN_LENGTH) break;
data/aespipe-2.4d/aespipe.c:383:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(p);
data/aespipe-2.4d/aespipe.c:411:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(p);
data/aespipe-2.4d/aespipe.c:418:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s = malloc(i + strlen(seed) + 1);
data/aespipe-2.4d/aespipe.c:469:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy((char *)keyBuf, (char *)keyStr, bufSize - 1);
data/aespipe-2.4d/aespipe.c:1323:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  x = strlen(pass);
data/aespipe-2.4d/aespipe.c:1337:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  t = strlen(multiKeyPass[r]);

ANALYSIS SUMMARY:

Hits = 94
Lines analyzed = 4233 in approximately 0.18 seconds (23679 lines/second)
Physical Source Lines of Code (SLOC) = 3303
Hits@level = [0] 17 [1] 15 [2] 73 [3] 0 [4] 6 [5] 0
Hits@level+ = [0+] 111 [1+] 94 [2+] 79 [3+] 6 [4+] 6 [5+] 0
Hits/KSLOC@level+ = [0+] 33.6058 [1+] 28.459 [2+] 23.9177 [3+] 1.81653 [4+] 1.81653 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.