Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/crack-5.0a/src/lib/dawglib.c
Examining data/crack-5.0a/src/lib/debug.c
Examining data/crack-5.0a/src/lib/rules.c
Examining data/crack-5.0a/src/lib/stringlib.c
Examining data/crack-5.0a/src/lib/libcrack.h
Examining data/crack-5.0a/src/libdes/cbc3_enc.c
Examining data/crack-5.0a/src/libdes/cbc_cksm.c
Examining data/crack-5.0a/src/libdes/cbc_enc.c
Examining data/crack-5.0a/src/libdes/cfb64ede.c
Examining data/crack-5.0a/src/libdes/cfb64enc.c
Examining data/crack-5.0a/src/libdes/cfb_enc.c
Examining data/crack-5.0a/src/libdes/des.c
Examining data/crack-5.0a/src/libdes/des.h
Examining data/crack-5.0a/src/libdes/des_locl.h
Examining data/crack-5.0a/src/libdes/destest.c
Examining data/crack-5.0a/src/libdes/ecb3_enc.c
Examining data/crack-5.0a/src/libdes/ecb_enc.c
Examining data/crack-5.0a/src/libdes/ede_enc.c
Examining data/crack-5.0a/src/libdes/enc_read.c
Examining data/crack-5.0a/src/libdes/enc_writ.c
Examining data/crack-5.0a/src/libdes/fcrypt.c
Examining data/crack-5.0a/src/libdes/ncbc_enc.c
Examining data/crack-5.0a/src/libdes/ofb64ede.c
Examining data/crack-5.0a/src/libdes/ofb64enc.c
Examining data/crack-5.0a/src/libdes/ofb_enc.c
Examining data/crack-5.0a/src/libdes/pcbc_enc.c
Examining data/crack-5.0a/src/libdes/podd.h
Examining data/crack-5.0a/src/libdes/qud_cksm.c
Examining data/crack-5.0a/src/libdes/rand_key.c
Examining data/crack-5.0a/src/libdes/read_pwd.c
Examining data/crack-5.0a/src/libdes/rpc_des.h
Examining data/crack-5.0a/src/libdes/rpc_enc.c
Examining data/crack-5.0a/src/libdes/rpw.c
Examining data/crack-5.0a/src/libdes/set_key.c
Examining data/crack-5.0a/src/libdes/sk.h
Examining data/crack-5.0a/src/libdes/speed.c
Examining data/crack-5.0a/src/libdes/spr.h
Examining data/crack-5.0a/src/libdes/str2key.c
Examining data/crack-5.0a/src/libdes/supp.c
Examining data/crack-5.0a/src/libdes/version.h
Examining data/crack-5.0a/src/util/kickdict.c
Examining data/crack-5.0a/src/util/elcid.c
Examining data/crack-5.0a/src/util/cracker.c
Examining data/crack-5.0a/src/util/dawg.c
Examining data/crack-5.0a/src/util/dictfilt.c
Examining data/crack-5.0a/src/util/elcid.h
Examining data/crack-5.0a/extra/brute.c
FINAL RESULTS:
data/crack-5.0a/extra/brute.c:53:35: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (!strcmp(cipher, (char *) crypt(pwbuffer, cipher)))
data/crack-5.0a/src/lib/dawglib.c:60:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pbuffer, buffer);
data/crack-5.0a/src/lib/dawglib.c:84:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buffer, gbuffer); /* when in doubt, BFI */
data/crack-5.0a/src/lib/debug.c:20:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, fmt, arg1, arg2, arg3, arg4, arg5, arg6);
data/crack-5.0a/src/lib/rules.c:205:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, string);
data/crack-5.0a/src/lib/rules.c:518:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, input);
data/crack-5.0a/src/lib/rules.c:528:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, input);
data/crack-5.0a/src/lib/rules.c:531:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, Reverse(area));
data/crack-5.0a/src/lib/rules.c:534:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, Uppercase(area));
data/crack-5.0a/src/lib/rules.c:537:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, Lowercase(area));
data/crack-5.0a/src/lib/rules.c:540:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, Capitalise(area));
data/crack-5.0a/src/lib/rules.c:543:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, NCapital(area));
data/crack-5.0a/src/lib/rules.c:546:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, Togcase(area));
data/crack-5.0a/src/lib/rules.c:549:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, Pluralise(area));
data/crack-5.0a/src/lib/rules.c:552:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(area, Reverse(area));
data/crack-5.0a/src/lib/rules.c:555:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area2, area);
data/crack-5.0a/src/lib/rules.c:556:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(area, area2);
data/crack-5.0a/src/lib/rules.c:624:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area2 + 1, area);
data/crack-5.0a/src/lib/rules.c:625:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, area2);
data/crack-5.0a/src/lib/rules.c:663:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area2, area);
data/crack-5.0a/src/lib/rules.c:726:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p2, p1);
data/crack-5.0a/src/lib/rules.c:727:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, area2);
data/crack-5.0a/src/lib/rules.c:740:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, Purge(area, *(++ptr)));
data/crack-5.0a/src/lib/rules.c:744:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, PolyPurge(area, ptr[2]));
data/crack-5.0a/src/lib/rules.c:756:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, Substitute(area, ptr[1], ptr[2]));
data/crack-5.0a/src/lib/rules.c:761:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(area, PolySubst(area, ptr[2], ptr[3]));
data/crack-5.0a/src/lib/stringlib.c:89:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retval, string);
data/crack-5.0a/src/libdes/des.h:163:7: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypt(const char *buf,const char *salt);
data/crack-5.0a/src/libdes/des.h:165:7: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypt();
data/crack-5.0a/src/libdes/des.h:221:7: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypt();
data/crack-5.0a/src/libdes/destest.c:650:6: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
str=crypt("testing","ef");
data/crack-5.0a/src/libdes/destest.c:656:6: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
str=crypt("bca76;23","yA");
data/crack-5.0a/src/libdes/fcrypt.c:542:7: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypt(char *buf,char *salt);
data/crack-5.0a/src/libdes/fcrypt.c:548:7: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypt();
data/crack-5.0a/src/libdes/fcrypt.c:555:7: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypt(buf,salt)
data/crack-5.0a/src/libdes/speed.c:296:3: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
crypt("testing1","ef");
data/crack-5.0a/src/util/cracker.c:111:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, fmt, a, b, c, d, e, f);
data/crack-5.0a/src/util/cracker.c:457:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastsortkey, sortkey);
data/crack-5.0a/src/util/cracker.c:679:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dictcall, "%s %d", kickdict, number);
data/crack-5.0a/src/util/cracker.c:684:16: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!(fp = popen(dictcall, "r")))
data/crack-5.0a/src/util/cracker.c:737:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(pauser);
data/crack-5.0a/src/util/cracker.c:773:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tbuf, "%s %s", nastygram, cg->cg_usernames[i]);
data/crack-5.0a/src/util/cracker.c:774:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(tbuf);
data/crack-5.0a/src/util/dawg.c:66:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (iname, argv[i]);
data/crack-5.0a/src/util/dawg.c:67:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (oname, argv[i]);
data/crack-5.0a/src/util/dawg.c:68:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (oname, extn);
data/crack-5.0a/src/util/dawg.c:75:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (iname, argv[i]);
data/crack-5.0a/src/util/dawg.c:81:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (oname, iname);
data/crack-5.0a/src/util/dawg.c:85:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (oname, iname);
data/crack-5.0a/src/util/dawg.c:86:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (iname, extn);
data/crack-5.0a/src/util/dictfilt.c:43:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff2, ptr);
data/crack-5.0a/src/util/dictfilt.c:47:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff3, ptr);
data/crack-5.0a/src/util/dictfilt.c:95:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefix_grule, rbuff);
data/crack-5.0a/src/util/dictfilt.c:98:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(suffix_grule, rbuff);
data/crack-5.0a/src/util/dictfilt.c:135:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rbuff, argv[1]);
data/crack-5.0a/src/util/elcid.c:33:18: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
#define CRYPTALG crypt
data/crack-5.0a/src/util/kickdict.c:175:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(program,
data/crack-5.0a/src/util/kickdict.c:183:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(program, "%s", this_genset + 1);
data/crack-5.0a/src/util/kickdict.c:190:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(program,
data/crack-5.0a/src/util/kickdict.c:220:18: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!(fpin = popen(program, "r")))
data/crack-5.0a/src/util/kickdict.c:231:16: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!(fpout = popen(xprogram, "w")))
data/crack-5.0a/src/libdes/des.c:79:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define random rand
data/crack-5.0a/src/libdes/des.c:80:9: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom(s) srand(s)
data/crack-5.0a/src/libdes/des.c:80:20: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom(s) srand(s)
data/crack-5.0a/src/libdes/des.c:360:13: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
extern int srandom();
data/crack-5.0a/src/libdes/des.c:361:13: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
extern int random();
data/crack-5.0a/src/libdes/des.c:486:5: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom((unsigned int)time(NULL));
data/crack-5.0a/src/libdes/des.c:488:15: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
buf[l++]=random()&0xff;
data/crack-5.0a/src/libdes/des_locl.h:109:9: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom(s) srand(s)
data/crack-5.0a/src/libdes/des_locl.h:109:20: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom(s) srand(s)
data/crack-5.0a/src/libdes/des_locl.h:110:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define random rand
data/crack-5.0a/src/libdes/enc_writ.c:60:13: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
extern int srandom();
data/crack-5.0a/src/libdes/enc_writ.c:62:13: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
extern int random();
data/crack-5.0a/src/libdes/enc_writ.c:78:3: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom((unsigned int)time(NULL));
data/crack-5.0a/src/libdes/enc_writ.c:107:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
shortbuf[i]=random();
data/crack-5.0a/extra/brute.c:18:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pwset[MAXLEN];
data/crack-5.0a/extra/brute.c:19:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwbuffer[MAXLEN];
data/crack-5.0a/extra/brute.c:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char block[256]; /* std crypt() is restricted to 128, bwtf. md5 aint. */
data/crack-5.0a/src/lib/dawglib.c:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gbuffer[STRINGSIZE];
data/crack-5.0a/src/lib/dawglib.c:39:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pbuffer[STRINGSIZE];
data/crack-5.0a/src/lib/dawglib.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[STRINGSIZE];
data/crack-5.0a/src/lib/dawglib.c:122:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[STRINGSIZE];
data/crack-5.0a/src/lib/libcrack.h:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[NUMWORDS][MAXWORDLEN]; /* static arrays - ick! */
data/crack-5.0a/src/lib/rules.c:78:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:95:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:113:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:131:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:151:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:171:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:202:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:214:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(area, "es");
data/crack-5.0a/src/lib/rules.c:226:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(area + length - 1, "ies");
data/crack-5.0a/src/lib/rules.c:232:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(area, "es");
data/crack-5.0a/src/lib/rules.c:250:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:268:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:434:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:452:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:514:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char area[STRINGSIZE];
data/crack-5.0a/src/lib/rules.c:515:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char area2[STRINGSIZE];
data/crack-5.0a/src/lib/stringlib.c:102:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *retval[STRINGSIZE]; /* worst case scenario */
data/crack-5.0a/src/libdes/cbc3_enc.c:69:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(niv1,output[off],sizeof(des_cblock));
data/crack-5.0a/src/libdes/cbc3_enc.c:73:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(niv2,output[off],sizeof(des_cblock));
data/crack-5.0a/src/libdes/cbc3_enc.c:78:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(niv2,input[off],sizeof(des_cblock));
data/crack-5.0a/src/libdes/cbc3_enc.c:82:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(niv1,output[off],sizeof(des_cblock));
data/crack-5.0a/src/libdes/cbc3_enc.c:85:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*iv1,niv1,sizeof(des_cblock));
data/crack-5.0a/src/libdes/cbc3_enc.c:86:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*iv2,niv2,sizeof(des_cblock));
data/crack-5.0a/src/libdes/des.c:111:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[KEYSIZB+1];
data/crack-5.0a/src/libdes/des.c:114:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuname[200];
data/crack-5.0a/src/libdes/des.c:115:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char uubuf[50];
data/crack-5.0a/src/libdes/des.c:119:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char b[OUTUUBUF];
data/crack-5.0a/src/libdes/des.c:120:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bb[300];
data/crack-5.0a/src/libdes/des.c:122:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cksumname[200]="";
data/crack-5.0a/src/libdes/des.c:284:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ((DES_IN=fopen(in,"r")) == NULL)
data/crack-5.0a/src/libdes/des.c:296:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ((DES_OUT=fopen(out,"w")) == NULL)
data/crack-5.0a/src/libdes/des.c:367:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[8],iv2[8];
data/crack-5.0a/src/libdes/des.c:374:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8];
data/crack-5.0a/src/libdes/des.c:521:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[8];
data/crack-5.0a/src/libdes/des.c:523:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (rem) memcpy(tmpbuf,&(buf[l]),
data/crack-5.0a/src/libdes/des.c:529:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (rem) memcpy(&(buf[l]),tmpbuf,
data/crack-5.0a/src/libdes/des.c:537:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (l >= 8) memcpy(iv,&(obuf[l-8]),8);
data/crack-5.0a/src/libdes/des.c:539:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem);
data/crack-5.0a/src/libdes/des.c:610:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (l >= 8) memcpy(iv,&(buf[l-8]),8);
data/crack-5.0a/src/libdes/des.c:657:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((O=fopen(cksumname,"w")) != NULL)
data/crack-5.0a/src/libdes/des.c:708:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(uubuf[uubufnum]),data,(unsigned int)num);
data/crack-5.0a/src/libdes/des.c:715:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(uubuf[uubufnum]),data,(unsigned int)i);
data/crack-5.0a/src/libdes/des.c:739:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uubuf,&(data[i]),(unsigned int)rem);
data/crack-5.0a/src/libdes/des.c:792:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out,bb,(unsigned int)valid);
data/crack-5.0a/src/libdes/des.c:817:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(out[tot]),bb,(unsigned int)j);
data/crack-5.0a/src/libdes/des.c:819:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bb,&(bb[j]),(unsigned int)i-j);
data/crack-5.0a/src/libdes/des.c:823:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(out[tot]),bb,(unsigned int)i);
data/crack-5.0a/src/libdes/des.h:59:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char des_cblock[8];
data/crack-5.0a/src/libdes/destest.c:61:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char key_data[NUM_TESTS][8]={
data/crack-5.0a/src/libdes/destest.c:97:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char plain_data[NUM_TESTS][8]={
data/crack-5.0a/src/libdes/destest.c:133:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cipher_data[NUM_TESTS][8]={
data/crack-5.0a/src/libdes/destest.c:169:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cipher_ecb2[NUM_TESTS-1][8]={
data/crack-5.0a/src/libdes/destest.c:204:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
data/crack-5.0a/src/libdes/destest.c:205:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
data/crack-5.0a/src/libdes/destest.c:206:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
data/crack-5.0a/src/libdes/destest.c:207:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
data/crack-5.0a/src/libdes/destest.c:208:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cbc_data[40]="7654321 Now is the time for ";
data/crack-5.0a/src/libdes/destest.c:210:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cbc_ok[32]={
data/crack-5.0a/src/libdes/destest.c:216:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cbc3_ok[32]={
data/crack-5.0a/src/libdes/destest.c:222:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char pcbc_ok[32]={
data/crack-5.0a/src/libdes/destest.c:228:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
data/crack-5.0a/src/libdes/destest.c:229:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
data/crack-5.0a/src/libdes/destest.c:230:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
data/crack-5.0a/src/libdes/destest.c:231:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char plain[24]=
data/crack-5.0a/src/libdes/destest.c:238:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cfb_cipher8[24]= {
data/crack-5.0a/src/libdes/destest.c:241:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cfb_cipher16[24]={
data/crack-5.0a/src/libdes/destest.c:244:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cfb_cipher32[24]={
data/crack-5.0a/src/libdes/destest.c:247:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cfb_cipher48[24]={
data/crack-5.0a/src/libdes/destest.c:250:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char cfb_cipher64[24]={
data/crack-5.0a/src/libdes/destest.c:254:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
data/crack-5.0a/src/libdes/destest.c:255:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
data/crack-5.0a/src/libdes/destest.c:256:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8];
data/crack-5.0a/src/libdes/destest.c:257:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char ofb_cipher[24]=
data/crack-5.0a/src/libdes/destest.c:265:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
data/crack-5.0a/src/libdes/destest.c:286:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cbc_in[40];
data/crack-5.0a/src/libdes/destest.c:287:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cbc_out[40];
data/crack-5.0a/src/libdes/destest.c:289:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char qret[4][4],cret[8];
data/crack-5.0a/src/libdes/destest.c:302:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in,plain_data[i],8);
data/crack-5.0a/src/libdes/destest.c:341:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in,plain_data[i],8);
data/crack-5.0a/src/libdes/destest.c:406:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
data/crack-5.0a/src/libdes/destest.c:420:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
data/crack-5.0a/src/libdes/destest.c:467:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
data/crack-5.0a/src/libdes/destest.c:477:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
data/crack-5.0a/src/libdes/destest.c:494:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
data/crack-5.0a/src/libdes/destest.c:502:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
data/crack-5.0a/src/libdes/destest.c:513:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
data/crack-5.0a/src/libdes/destest.c:527:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
data/crack-5.0a/src/libdes/destest.c:539:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
data/crack-5.0a/src/libdes/destest.c:553:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
data/crack-5.0a/src/libdes/destest.c:585:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(lqret[i]),&(qret[i][0]),4);
data/crack-5.0a/src/libdes/destest.c:672:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bufs[10][20];
data/crack-5.0a/src/libdes/destest.c:697:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
data/crack-5.0a/src/libdes/destest.c:707:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
data/crack-5.0a/src/libdes/destest.c:727:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
data/crack-5.0a/src/libdes/destest.c:741:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
data/crack-5.0a/src/libdes/destest.c:765:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
data/crack-5.0a/src/libdes/destest.c:779:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
data/crack-5.0a/src/libdes/ecb_enc.c:86:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[4];
data/crack-5.0a/src/libdes/ecb_enc.c:153:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[4];
data/crack-5.0a/src/libdes/enc_read.c:65:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char net[BSIZE];
data/crack-5.0a/src/libdes/enc_read.c:69:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char unnet[BSIZE];
data/crack-5.0a/src/libdes/enc_read.c:84:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,&(unnet[unnet_start]),
data/crack-5.0a/src/libdes/enc_read.c:93:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,&(unnet[unnet_start]),(unsigned int)len);
data/crack-5.0a/src/libdes/enc_read.c:143:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,unnet,(unsigned int)len);
data/crack-5.0a/src/libdes/enc_read.c:160:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[BSIZE];
data/crack-5.0a/src/libdes/enc_read.c:173:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,tmpbuf,(unsigned int)num);
data/crack-5.0a/src/libdes/enc_writ.c:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[BSIZE+HDRSIZE];
data/crack-5.0a/src/libdes/enc_writ.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shortbuf[8];
data/crack-5.0a/src/libdes/enc_writ.c:105:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(shortbuf,buf,(unsigned int)len);
data/crack-5.0a/src/libdes/fcrypt.c:61:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char des_cblock[8];
data/crack-5.0a/src/libdes/fcrypt.c:508:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned const char con_salt[128]={
data/crack-5.0a/src/libdes/fcrypt.c:527:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned const char cov_2char[64]={
data/crack-5.0a/src/libdes/fcrypt.c:565:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buff[20];
data/crack-5.0a/src/libdes/fcrypt.c:566:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bb[9];
data/crack-5.0a/src/libdes/podd.h:48:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char odd_parity[256]={
data/crack-5.0a/src/libdes/rand_key.c:57:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(init,key,sizeof(des_cblock));
data/crack-5.0a/src/libdes/rand_key.c:103:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret,data,sizeof(key));
data/crack-5.0a/src/libdes/read_pwd.c:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ],buff[BUFSIZ];
data/crack-5.0a/src/libdes/read_pwd.c:166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ],buff[BUFSIZ];
data/crack-5.0a/src/libdes/read_pwd.c:181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[BUFSIZ];
data/crack-5.0a/src/libdes/read_pwd.c:193:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SIZE+1];
data/crack-5.0a/src/libdes/read_pwd.c:226:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tty=fopen("/dev/tty","r")) == NULL)
data/crack-5.0a/src/libdes/read_pwd.c:229:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tty=fopen("con","r")) == NULL)
data/crack-5.0a/src/libdes/read_pwd.c:236:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
data/crack-5.0a/src/libdes/rpc_des.h:93:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char des_key[8]; /* key (with low bit parity) */
data/crack-5.0a/src/libdes/rpc_des.h:96:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char des_ivec[8]; /* input vector */
data/crack-5.0a/src/libdes/rpc_des.h:99:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char UDES_data[DES_QUICKLEN];
data/crack-5.0a/src/libdes/speed.c:181:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[BUFSIZE];
data/crack-5.0a/src/libdes/str2key.c:144:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (length <= 8) memcpy(key2,key1,8);
data/crack-5.0a/src/util/cracker.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *db_guessvec[1]; /* vector of 'ebs' pointers to char */
data/crack-5.0a/src/util/cracker.c:423:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lastsortkey[STRINGSIZE];
data/crack-5.0a/src/util/cracker.c:496:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[STRINGSIZE];
data/crack-5.0a/src/util/cracker.c:525:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
from_rule = atoi(atoms[2]);
data/crack-5.0a/src/util/cracker.c:593:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[STRINGSIZE];
data/crack-5.0a/src/util/cracker.c:674:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[STRINGSIZE];
data/crack-5.0a/src/util/cracker.c:675:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dictcall[STRINGSIZE];
data/crack-5.0a/src/util/cracker.c:771:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[8192];
data/crack-5.0a/src/util/cracker.c:868:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[8192];
data/crack-5.0a/src/util/cracker.c:873:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(cfp = fopen(dictcache, "w+")))
data/crack-5.0a/src/util/cracker.c:1019:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((user_from_rule = atoi(argv[i])) < 1)
data/crack-5.0a/src/util/cracker.c:1036:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
niceval = atoi(argv[i]);
data/crack-5.0a/src/util/cracker.c:1054:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(kfp = fopen(argv[i], "w")))
data/crack-5.0a/src/util/dawg.c:59:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iname[STRINGSIZE];
data/crack-5.0a/src/util/dawg.c:60:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oname[STRINGSIZE];
data/crack-5.0a/src/util/dawg.c:90:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(ifp = fopen (iname, "r")))
data/crack-5.0a/src/util/dawg.c:96:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(ofp = fopen (oname, "w")))
data/crack-5.0a/src/util/dictfilt.c:17:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char prefix_grule[STRINGSIZE] = ":";
data/crack-5.0a/src/util/dictfilt.c:18:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char suffix_grule[STRINGSIZE] = ":";
data/crack-5.0a/src/util/dictfilt.c:27:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[STRINGSIZE];
data/crack-5.0a/src/util/dictfilt.c:28:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff2[STRINGSIZE];
data/crack-5.0a/src/util/dictfilt.c:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff3[STRINGSIZE];
data/crack-5.0a/src/util/dictfilt.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rbuff[STRINGSIZE];
data/crack-5.0a/src/util/dictfilt.c:81:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(grulefile, "r")))
data/crack-5.0a/src/util/dictfilt.c:153:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(argv[i], "r")))
data/crack-5.0a/src/util/elcid.c:21:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char private_salt[SALTSIZE + 1];
data/crack-5.0a/src/util/elcid.c:159:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
cipher = (char *) CRYPTALG(guesses[i], private_salt);
data/crack-5.0a/src/util/elcid.c:171:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!strncmp(cipher, (char *) cookies[j], CIPHERTEXTSIZE))
data/crack-5.0a/src/util/elcid.c:173:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
results[j] = (char *) Clone(guesses[i]);
data/crack-5.0a/src/util/kickdict.c:33:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char this_rule[STRINGSIZE];
data/crack-5.0a/src/util/kickdict.c:34:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[STRINGSIZE];
data/crack-5.0a/src/util/kickdict.c:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char program[16384]; /* BIG */
data/crack-5.0a/src/util/kickdict.c:47:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if (!(dictnum = atoi(argv[1])))
data/crack-5.0a/src/util/kickdict.c:53:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fpin = fopen(dictconf, "r")))
data/crack-5.0a/src/util/kickdict.c:115:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(rufp = fopen(this_genset, "r")))
data/crack-5.0a/src/util/kickdict.c:182:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(this_rule, "<stream>");
data/crack-5.0a/src/lib/dawglib.c:71:31: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((off = (unsigned int) getc (fp)) == (unsigned) EOF)
data/crack-5.0a/src/lib/rules.c:56:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(myword);
data/crack-5.0a/src/lib/rules.c:57:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = strlen(suffix);
data/crack-5.0a/src/lib/rules.c:80:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = i = strlen(str);
data/crack-5.0a/src/lib/rules.c:204:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(string);
data/crack-5.0a/src/lib/rules.c:221:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(area, "s");
data/crack-5.0a/src/lib/rules.c:237:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(area, "s");
data/crack-5.0a/src/lib/rules.c:589:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(area) <= limit)
data/crack-5.0a/src/lib/rules.c:609:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(area) >= limit)
data/crack-5.0a/src/lib/stringlib.c:85:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retval = (char *) malloc(strlen(string) + 1);
data/crack-5.0a/src/libdes/des.c:155:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cksumname,p,200);
data/crack-5.0a/src/libdes/des.c:156:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p+=strlen(cksumname);
data/crack-5.0a/src/libdes/des.c:161:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cksumname,p,200);
data/crack-5.0a/src/libdes/des.c:162:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p+=strlen(cksumname);
data/crack-5.0a/src/libdes/des.c:192:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(uuname,p,200);
data/crack-5.0a/src/libdes/des.c:193:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p+=strlen(uuname);
data/crack-5.0a/src/libdes/des.c:210:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key,argv[i],KEYSIZB);
data/crack-5.0a/src/libdes/des.c:211:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j=strlen(argv[i])-1; j>=0; j--)
data/crack-5.0a/src/libdes/des.c:759:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(end,1,strlen(end),fp);
data/crack-5.0a/src/libdes/des.c:801:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=strlen((char *)b);
data/crack-5.0a/src/libdes/destest.c:373:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen((char *)cbc_data)+1,ks,
data/crack-5.0a/src/libdes/destest.c:378:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen((char *)cbc_data)+1,ks,
data/crack-5.0a/src/libdes/destest.c:404:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=strlen((char *)cbc_data)+1;
data/crack-5.0a/src/libdes/destest.c:414:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
data/crack-5.0a/src/libdes/destest.c:423:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
data/crack-5.0a/src/libdes/destest.c:438:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_ENCRYPT);
data/crack-5.0a/src/libdes/destest.c:445:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_DECRYPT);
data/crack-5.0a/src/libdes/destest.c:566:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(cbc_data),ks,(C_Block *)cbc_iv);
data/crack-5.0a/src/libdes/destest.c:581:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(cbc_data),2,(C_Block *)cbc_iv);
data/crack-5.0a/src/libdes/destest.c:637:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
data/crack-5.0a/src/libdes/destest.c:645:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
data/crack-5.0a/src/libdes/enc_read.c:108:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i=read(fd,&(net[net_num]),(unsigned int)HDRSIZE-net_num);
data/crack-5.0a/src/libdes/enc_read.c:128:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i=read(fd,&(net[net_num]),(unsigned int)rnum-net_num);
data/crack-5.0a/src/libdes/read_pwd.c:378:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(strlen(buf));
data/crack-5.0a/src/libdes/str2key.c:61:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length=strlen(str);
data/crack-5.0a/src/libdes/str2key.c:103:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length=strlen(str);
data/crack-5.0a/src/util/cracker.c:707:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(tbuf, dictok, strlen(dictok)))
data/crack-5.0a/src/util/cracker.c:712:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(tbuf, dictstream, strlen(dictstream)))
data/crack-5.0a/src/util/dawg.c:25:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen (argv[0]);
data/crack-5.0a/src/util/dawg.c:76:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = strlen (iname);
data/crack-5.0a/src/util/dawg.c:77:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
e = strlen (extn);
data/crack-5.0a/src/util/elcid.c:86:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(private_salt, ciphertexts[0], SALTSIZE);
data/crack-5.0a/src/util/elcid.c:121:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ciphertext) < CIPHERTEXTSIZE)
data/crack-5.0a/src/util/kickdict.c:174:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(this_rule, ":");
ANALYSIS SUMMARY:
Hits = 292
Lines analyzed = 10799 in approximately 0.44 seconds (24446 lines/second)
Physical Source Lines of Code (SLOC) = 7540
Hits@level = [0] 184 [1] 44 [2] 173 [3] 14 [4] 61 [5] 0
Hits@level+ = [0+] 476 [1+] 292 [2+] 248 [3+] 75 [4+] 61 [5+] 0
Hits/KSLOC@level+ = [0+] 63.13 [1+] 38.7268 [2+] 32.8912 [3+] 9.94695 [4+] 8.09019 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.