Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_tobytes.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_copy.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_1.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_tobytes.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sign.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_sq2.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_cmov.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_p1p1_to_p3.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_p3_dbl.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_mul.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_p3_to_cached.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_pow22523.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sha512.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_add.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_sub.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_add.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_p2_0.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_p3_to_p2.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_invert.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/test.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/open.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_msub.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_0.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_sub.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_isnonzero.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_isnegative.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/randombytes.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_neg.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_frombytes.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_p3_tobytes.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_double_scalarmult.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_p1p1_to_p2.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_sq.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_p3_0.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_precomp_0.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sc_reduce.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/keypair.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/crypto_verify.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_frombytes.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sc_muladd.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_madd.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_p2_dbl.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ed25519.c
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/crypto_int8.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/ge_p2_dbl.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/crypto_verify.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/crypto_uint8.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/sqrtm1.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/ge_sub.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/crypto_uint32.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/randombytes.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/d.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/pow22523.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/crypto_int16.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/crypto_uint64.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/crypto_uint16.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/sha512.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/sc.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/base2.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/crypto_int64.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/pow225521.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/ed25519.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/ge_msub.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/api.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/ge_madd.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/ge.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/load.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/d2.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/crypto_int32.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/fe.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/base.h
Examining data/haskell-ed25519-0.0.5.0/src/cbits/ref10/include/ge_add.h

FINAL RESULTS:

data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_isnegative.c:13:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char s[32];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_isnonzero.c:12:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static const unsigned char zero[32];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/fe_isnonzero.c:16:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char s[32];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_double_scalarmult.c:48:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  signed char aslide[256];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_double_scalarmult.c:49:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  signed char bslide[256];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:66:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  signed char e[64];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/keypair.c:27:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char seed[32];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/open.c:13:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char h[64];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/open.c:14:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char checkr[32];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/randombytes.c:17:27: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  ed25519_random_fd = open("/dev/urandom",O_RDONLY);
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sha512.c:242:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static const unsigned char iv[64] = {
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sha512.c:255:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char h[64];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sha512.c:256:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char padded[256];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sign.c:12:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char az[64];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sign.c:13:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char r[64];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/sign.c:14:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char hram[64];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/test.c:5:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char pk[crypto_sign_PUBLICKEYBYTES];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/test.c:6:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char sk[crypto_sign_SECRETKEYBYTES];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/test.c:16:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char sm[5+crypto_sign_BYTES];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/test.c:24:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char m[5+crypto_sign_BYTES];
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:4:29: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  static inline unsigned char equal(signed char b,signed char c)
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:41:24: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  cmov(t,&base[pos][0],equal(babs,1));
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:42:24: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  cmov(t,&base[pos][1],equal(babs,2));
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:43:24: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  cmov(t,&base[pos][2],equal(babs,3));
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:44:24: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  cmov(t,&base[pos][3],equal(babs,4));
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:45:24: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  cmov(t,&base[pos][4],equal(babs,5));
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:46:24: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  cmov(t,&base[pos][5],equal(babs,6));
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:47:24: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  cmov(t,&base[pos][6],equal(babs,7));
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/ge_scalarmult_base.c:48:24: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  cmov(t,&base[pos][7],equal(babs,8));
data/haskell-ed25519-0.0.5.0/src/cbits/ref10/randombytes.c:26:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  i = read(ed25519_random_fd,x,i);

ANALYSIS SUMMARY:

Hits = 30
Lines analyzed = 5163 in approximately 0.25 seconds (20686 lines/second)
Physical Source Lines of Code (SLOC) = 3905
Hits@level = [0] 3 [1] 10 [2] 20 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 33 [1+] 30 [2+] 20 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 8.4507 [1+] 7.68246 [2+] 5.12164 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.