Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cryptcat-20031202/farm9crypt.cc
Examining data/cryptcat-20031202/farm9crypt.h
Examining data/cryptcat-20031202/generic.h
Examining data/cryptcat-20031202/netcat.c
Examining data/cryptcat-20031202/twofish2.cc
Examining data/cryptcat-20031202/twofish2.h
FINAL RESULTS:
data/cryptcat-20031202/netcat.c:183:18: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define Debug(x) printf x; printf ("\n"); fflush (stdout); sleep (1);
data/cryptcat-20031202/netcat.c:201:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, str, p1, p2, p3, p4, p5, p6);
data/cryptcat-20031202/netcat.c:207:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, h_errs[h_errno]); /* handle it here */
data/cryptcat-20031202/netcat.c:376:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (poop->name, unknown); /* preload it */
data/cryptcat-20031202/netcat.c:600:3: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl (pr00gie, p, NULL);
data/cryptcat-20031202/netcat.c:822:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (bigbuf_net, inet_ntoa (lclend->sin_addr));
data/cryptcat-20031202/netcat.c:896:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (p, pp); /* and build the final string */
data/cryptcat-20031202/netcat.c:915:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cp, inet_ntoa (lclend->sin_addr));
data/cryptcat-20031202/netcat.c:927:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (bigbuf_net, inet_ntoa (remend->sin_addr));
data/cryptcat-20031202/farm9crypt.cc:94:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand( 1000 );
data/cryptcat-20031202/netcat.c:63:15: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define SRAND srandom /* that this doesn't need *strong* random */
data/cryptcat-20031202/netcat.c:64:14: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define RAND random /* numbers just to mix up port numbers!! */
data/cryptcat-20031202/netcat.c:66:15: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define SRAND srand
data/cryptcat-20031202/netcat.c:1419:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((x = getopt (argc, argv, "ae:g:G:hi:k:lno:p:rs:tuvw:z")) != EOF) {
data/cryptcat-20031202/farm9crypt.cc:107:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char outBuffer[8193];
data/cryptcat-20031202/farm9crypt.cc:108:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char inBuffer[8193];
data/cryptcat-20031202/farm9crypt.cc:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[16];
data/cryptcat-20031202/farm9crypt.cc:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf2[16];
data/cryptcat-20031202/farm9crypt.cc:132:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int limit = atoi( outbuf );
data/cryptcat-20031202/farm9crypt.cc:156:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( buf, obuf + 32, limit );
data/cryptcat-20031202/farm9crypt.cc:161:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char localBuf[2000];
data/cryptcat-20031202/farm9crypt.cc:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[16];
data/cryptcat-20031202/farm9crypt.cc:164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[16];
data/cryptcat-20031202/farm9crypt.cc:166:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( tempbuf, "%d %d", size, rand() );
data/cryptcat-20031202/netcat.c:109:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXHOSTNAMELEN]; /* dns name */
data/cryptcat-20031202/netcat.c:110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrs[8][24]; /* ascii-format IP addresses */
data/cryptcat-20031202/netcat.c:116:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name [64]; /* name in /etc/services */
data/cryptcat-20031202/netcat.c:117:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char anum [8]; /* ascii-format number */
data/cryptcat-20031202/netcat.c:150:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hexnibs[20] = "0123456789abcdef ";
data/cryptcat-20031202/netcat.c:389:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&poop->iaddrs[x], hostent->h_addr_list[x], sizeof (IA));
data/cryptcat-20031202/netcat.c:408:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (poop->iaddrs, &iaddr, sizeof (IA));
data/cryptcat-20031202/netcat.c:481:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x = atoi (pstring);
data/cryptcat-20031202/netcat.c:510:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (portpoop->anum, "%d", x); /* always load any numeric specs! */
data/cryptcat-20031202/netcat.c:660:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&lclend->sin_addr.s_addr, lad, sizeof (IA));
data/cryptcat-20031202/netcat.c:687:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&remend->sin_addr.s_addr, rad, sizeof (IA));
data/cryptcat-20031202/netcat.c:740:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (opp, gates[x]->iaddrs, sizeof (IA));
data/cryptcat-20031202/netcat.c:744:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (opp, rad, sizeof (IA));
data/cryptcat-20031202/netcat.c:820:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (bigbuf_net, "listening on ["); /* buffer reuse... */
data/cryptcat-20031202/netcat.c:824:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (bigbuf_net, "any");
data/cryptcat-20031202/netcat.c:825:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (bigbuf_net, "] %d ...");
data/cryptcat-20031202/netcat.c:895:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (pp, "%2.2x ", *q); /* clumsy, but works: turn into hex */
data/cryptcat-20031202/netcat.c:1056:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&stage[2], "%8.8x ", obc); /* xxx: still slow? */
data/cryptcat-20031202/netcat.c:1097:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char obuf [4]; /* tiny thing to build responses into */
data/cryptcat-20031202/netcat.c:1179:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (timer2, timer1, sizeof (struct timeval));
data/cryptcat-20031202/netcat.c:1334:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keystr[32];
data/cryptcat-20031202/netcat.c:1391:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (bigbuf_in, &cp[x], insaved);
data/cryptcat-20031202/netcat.c:1431:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
farm9crypt_init(memcpy(keystr, optarg, MAXKEYSIZE));
data/cryptcat-20031202/netcat.c:1434:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x = atoi (optarg);
data/cryptcat-20031202/netcat.c:1458:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
o_interval = atoi (optarg) & 0xffff;
data/cryptcat-20031202/netcat.c:1492:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
o_wait = atoi (optarg);
data/cryptcat-20031202/netcat.c:1527:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ofd = open (stage, O_WRONLY | O_CREAT | O_TRUNC, 0664);
data/cryptcat-20031202/twofish2.cc:48:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char P[2][256] =
data/cryptcat-20031202/twofish2.cc:453:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PnMinusOne[16];
data/cryptcat-20031202/twofish2.cc:454:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CnMinusOne[16];
data/cryptcat-20031202/twofish2.cc:461:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CBCplusCprime[16];
data/cryptcat-20031202/twofish2.cc:495:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Pn[16];
data/cryptcat-20031202/twofish2.cc:497:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &Pn[0], in, size );
data/cryptcat-20031202/twofish2.cc:514:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &prevCipher[0], &qBlockPlain[0], 16 );
data/cryptcat-20031202/twofish2.cc:515:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &qBlockPlain[0], p, 16 );
data/cryptcat-20031202/twofish2.cc:516:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &qBlockCrypt[0], c, 16 );
data/cryptcat-20031202/twofish2.cc:521:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( p, &qBlockPlain[0], 16 );
data/cryptcat-20031202/twofish2.cc:522:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( c, &qBlockCrypt[0], 16 );
data/cryptcat-20031202/twofish2.cc:740:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char key[32];
data/cryptcat-20031202/twofish2.cc:774:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byteBuf[200];
data/cryptcat-20031202/twofish2.cc:778:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inList[16];
data/cryptcat-20031202/twofish2.cc:779:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char outList[16];
data/cryptcat-20031202/twofish2.cc:786:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( inList, in + bidx, 16 );
data/cryptcat-20031202/twofish2.cc:789:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( inList, in + bidx, remaining );
data/cryptcat-20031202/twofish2.cc:802:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( out, "%03d", byteBuf[i] );
data/cryptcat-20031202/twofish2.cc:820:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byteBuf[200];
data/cryptcat-20031202/twofish2.cc:834:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inList[16];
data/cryptcat-20031202/twofish2.cc:835:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char outList[16];
data/cryptcat-20031202/twofish2.cc:841:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( inList, &byteBuf[bidx], 16 );
data/cryptcat-20031202/twofish2.cc:844:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( inList, &byteBuf[bidx], remaining );
data/cryptcat-20031202/twofish2.h:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qBlockPlain[16];
data/cryptcat-20031202/twofish2.h:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qBlockCrypt[16];
data/cryptcat-20031202/twofish2.h:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prevCipher[16];
data/cryptcat-20031202/farm9crypt.cc:167:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tempbuf[strlen(tempbuf)] = 'x';
data/cryptcat-20031202/netcat.c:387:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (poop->name, hostent->h_name, MAXHOSTNAMELEN - 2);
data/cryptcat-20031202/netcat.c:390:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (poop->addrs[x], inet_ntoa (poop->iaddrs[x]),
data/cryptcat-20031202/netcat.c:409:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (poop->addrs[0], inet_ntoa (iaddr), sizeof (poop->addrs));
data/cryptcat-20031202/netcat.c:419:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (poop->name, hostent->h_name, MAXHOSTNAMELEN - 2);
data/cryptcat-20031202/netcat.c:469:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (portpoop->name, servent->s_name, sizeof (portpoop->name));
data/cryptcat-20031202/netcat.c:488:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (portpoop->name, servent->s_name, sizeof (portpoop->name));
data/cryptcat-20031202/netcat.c:1228:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rr = read (0, bigbuf_in, BIGSIZ);
data/cryptcat-20031202/netcat.c:1384:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
insaved = read (0, cp, BIGSIZ); /* we're gonna fake fgets() here */
data/cryptcat-20031202/twofish2.cc:781:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int remaining = strlen( in );
data/cryptcat-20031202/twofish2.cc:814:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int inLen = strlen( in );
data/cryptcat-20031202/twofish2.cc:818:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inLen = strlen( in );
ANALYSIS SUMMARY:
Hits = 89
Lines analyzed = 3303 in approximately 0.15 seconds (22546 lines/second)
Physical Source Lines of Code (SLOC) = 2190
Hits@level = [0] 8 [1] 12 [2] 63 [3] 5 [4] 9 [5] 0
Hits@level+ = [0+] 97 [1+] 89 [2+] 77 [3+] 14 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 44.2922 [1+] 40.6393 [2+] 35.1598 [3+] 6.39269 [4+] 4.10959 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.