Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/intel-ipsec-mb-0.55/test/chained_test.c
Examining data/intel-ipsec-mb-0.55/test/hmac_md5_test.c
Examining data/intel-ipsec-mb-0.55/test/snow3g_test.c
Examining data/intel-ipsec-mb-0.55/test/aes_test.c
Examining data/intel-ipsec-mb-0.55/test/kasumi_test_vectors.h
Examining data/intel-ipsec-mb-0.55/test/des_test.c
Examining data/intel-ipsec-mb-0.55/test/chacha20_poly1305_test.c
Examining data/intel-ipsec-mb-0.55/test/api_test.c
Examining data/intel-ipsec-mb-0.55/test/ccm_test.c
Examining data/intel-ipsec-mb-0.55/test/direct_api_test.c
Examining data/intel-ipsec-mb-0.55/test/gcm_test.c
Examining data/intel-ipsec-mb-0.55/test/snow3g_test_vectors.h
Examining data/intel-ipsec-mb-0.55/test/utils.h
Examining data/intel-ipsec-mb-0.55/test/sha_test.c
Examining data/intel-ipsec-mb-0.55/test/misc.h
Examining data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c
Examining data/intel-ipsec-mb-0.55/test/do_test.h
Examining data/intel-ipsec-mb-0.55/test/xcbc_test.c
Examining data/intel-ipsec-mb-0.55/test/zuc_test.c
Examining data/intel-ipsec-mb-0.55/test/hmac_sha1_test.c
Examining data/intel-ipsec-mb-0.55/test/chacha_test.c
Examining data/intel-ipsec-mb-0.55/test/customop_test.c
Examining data/intel-ipsec-mb-0.55/test/hmac_sha256_sha512_test.c
Examining data/intel-ipsec-mb-0.55/test/aes_cbcs_test.c
Examining data/intel-ipsec-mb-0.55/test/kasumi_test.c
Examining data/intel-ipsec-mb-0.55/test/ecb_test.c
Examining data/intel-ipsec-mb-0.55/test/pon_test.c
Examining data/intel-ipsec-mb-0.55/test/ctr_test.c
Examining data/intel-ipsec-mb-0.55/test/main.c
Examining data/intel-ipsec-mb-0.55/test/cmac_test.c
Examining data/intel-ipsec-mb-0.55/test/utils.c
Examining data/intel-ipsec-mb-0.55/test/poly1305_test.c
Examining data/intel-ipsec-mb-0.55/test/null_test.c
Examining data/intel-ipsec-mb-0.55/test/crc_test.c
Examining data/intel-ipsec-mb-0.55/test/zuc_test_vectors.h
Examining data/intel-ipsec-mb-0.55/test/clear_mem_test.c
Examining data/intel-ipsec-mb-0.55/test/customop_test.h
Examining data/intel-ipsec-mb-0.55/test/hec_test.c
Examining data/intel-ipsec-mb-0.55/test/gcm_vectors.h
Examining data/intel-ipsec-mb-0.55/test/gcm_ctr_vectors_test.h
Examining data/intel-ipsec-mb-0.55/lib/gcm.c
Examining data/intel-ipsec-mb-0.55/lib/intel-ipsec-mb.h
Examining data/intel-ipsec-mb-0.55/lib/cpu_feature.c
Examining data/intel-ipsec-mb-0.55/lib/mb_mgr_auto.c
Examining data/intel-ipsec-mb-0.55/lib/snow3g_tables.c
Examining data/intel-ipsec-mb-0.55/lib/error.c
Examining data/intel-ipsec-mb-0.55/lib/des_key.c
Examining data/intel-ipsec-mb-0.55/lib/snow3g_iv.c
Examining data/intel-ipsec-mb-0.55/lib/des_basic.c
Examining data/intel-ipsec-mb-0.55/lib/aes_xcbc_expand_key.c
Examining data/intel-ipsec-mb-0.55/lib/sse/mb_mgr_sse.c
Examining data/intel-ipsec-mb-0.55/lib/sse/snow3g_sse.c
Examining data/intel-ipsec-mb-0.55/lib/sse/kasumi_sse.c
Examining data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c
Examining data/intel-ipsec-mb-0.55/lib/alloc.c
Examining data/intel-ipsec-mb-0.55/lib/kasumi_iv.c
Examining data/intel-ipsec-mb-0.55/lib/version.c
Examining data/intel-ipsec-mb-0.55/lib/no-aesni/mb_mgr_sse_no_aesni.c
Examining data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c
Examining data/intel-ipsec-mb-0.55/lib/no-aesni/snow3g_sse_no_aesni.c
Examining data/intel-ipsec-mb-0.55/lib/no-aesni/aesni_emu.c
Examining data/intel-ipsec-mb-0.55/lib/avx/mb_mgr_avx.c
Examining data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c
Examining data/intel-ipsec-mb-0.55/lib/avx/snow3g_avx.c
Examining data/intel-ipsec-mb-0.55/lib/avx/kasumi_avx.c
Examining data/intel-ipsec-mb-0.55/lib/avx2/mb_mgr_avx2.c
Examining data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c
Examining data/intel-ipsec-mb-0.55/lib/avx2/snow3g_avx2.c
Examining data/intel-ipsec-mb-0.55/lib/include/mb_mgr_code.h
Examining data/intel-ipsec-mb-0.55/lib/include/noaesni.h
Examining data/intel-ipsec-mb-0.55/lib/include/save_xmms.h
Examining data/intel-ipsec-mb-0.55/lib/include/kasumi_internal.h
Examining data/intel-ipsec-mb-0.55/lib/include/constant_lookup.h
Examining data/intel-ipsec-mb-0.55/lib/include/des.h
Examining data/intel-ipsec-mb-0.55/lib/include/constants.h
Examining data/intel-ipsec-mb-0.55/lib/include/error.h
Examining data/intel-ipsec-mb-0.55/lib/include/ipsec_ooo_mgr.h
Examining data/intel-ipsec-mb-0.55/lib/include/des_utils.h
Examining data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h
Examining data/intel-ipsec-mb-0.55/lib/include/zuc_internal.h
Examining data/intel-ipsec-mb-0.55/lib/include/aesni_emu.h
Examining data/intel-ipsec-mb-0.55/lib/include/asm.h
Examining data/intel-ipsec-mb-0.55/lib/include/cpu_feature.h
Examining data/intel-ipsec-mb-0.55/lib/include/snow3g_tables.h
Examining data/intel-ipsec-mb-0.55/lib/include/gcm.h
Examining data/intel-ipsec-mb-0.55/lib/include/clear_regs_mem.h
Examining data/intel-ipsec-mb-0.55/lib/include/docsis_common.h
Examining data/intel-ipsec-mb-0.55/lib/include/wireless_common.h
Examining data/intel-ipsec-mb-0.55/lib/include/chacha20_poly1305.h
Examining data/intel-ipsec-mb-0.55/lib/include/snow3g.h
Examining data/intel-ipsec-mb-0.55/lib/chacha20_poly1305.c
Examining data/intel-ipsec-mb-0.55/lib/sha_one_block.c
Examining data/intel-ipsec-mb-0.55/lib/zuc_iv.c
Examining data/intel-ipsec-mb-0.55/lib/avx512/mb_mgr_avx512.c
Examining data/intel-ipsec-mb-0.55/lib/avx512/zuc_avx512_top.c
Examining data/intel-ipsec-mb-0.55/lib/md5_one_block.c
Examining data/intel-ipsec-mb-0.55/perf/msr.c
Examining data/intel-ipsec-mb-0.55/perf/ipsec_perf.c
Examining data/intel-ipsec-mb-0.55/perf/msr.h
FINAL RESULTS:
data/intel-ipsec-mb-0.55/lib/include/zuc_internal.h:64:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, "%s()::%d " _fmt , __FUNCTION__, __LINE__, __VA_ARGS__)
data/intel-ipsec-mb-0.55/lib/include/zuc_internal.h:67:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, "%s()::%d " _fmt , __func__, __LINE__, __VA_ARGS__)
data/intel-ipsec-mb-0.55/test/customop_test.c:39:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define TRACE(fmt, ...) fprintf(stderr, "%s:%d "fmt, \
data/intel-ipsec-mb-0.55/test/customop_test.c:42:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define TRACE(fmt, ...) fprintf(stderr, "%s:%d "fmt, \
data/intel-ipsec-mb-0.55/perf/ipsec_perf.c:3128:17: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/intel-ipsec-mb-0.55/perf/ipsec_perf.c:3245:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(ITER_SCALE_LONG + ITER_SCALE_SHORT + ITER_SCALE_SMOKE);
data/intel-ipsec-mb-0.55/test/clear_mem_test.c:85:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/intel-ipsec-mb-0.55/test/crc_test.c:732:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0x20200701);
data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c:2548:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(SEED);
data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c:103:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pIn8[length - numBytesLeftOver],
data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c:111:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pOut8[length - numBytesLeftOver], &tempDst[0],
data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c:244:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pTempBufInPtr[offset],
data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c:255:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pTempBufOutPtr[offset],
data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c:451:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStream[0], &keyStream[4], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c:545:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStr[i][0], &keyStr[i][KEYSTR_ROUND_LEN],
data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c:599:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyStr32, &keyStr32[4], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c:734:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStr[i][0], &keyStr[i][KEYSTR_ROUND_LEN],
data/intel-ipsec-mb-0.55/lib/avx/zuc_avx_top.c:791:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyStr32, &keyStr32[4], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c:162:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pIn8[length - numBytesLeftOver],
data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c:169:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pOut8[length - numBytesLeftOver], &tempDst[0],
data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c:296:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pTempBufInPtr[offset],
data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c:307:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pTempBufOutPtr[offset],
data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c:471:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStream[0], &keyStream[8], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c:546:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStr[i][0], &keyStr[i][KEYSTR_ROUND_LEN],
data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c:600:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyStr32, &keyStr32[8], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c:722:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStr[i][0], &keyStr[i][KEYSTR_ROUND_LEN],
data/intel-ipsec-mb-0.55/lib/avx2/zuc_avx2_top.c:779:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyStr32, &keyStr32[8], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/avx512/zuc_avx512_top.c:239:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pIn8[length - numBytesLeftOver],
data/intel-ipsec-mb-0.55/lib/avx512/zuc_avx512_top.c:246:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pOut8[length - numBytesLeftOver], &tempDst[0],
data/intel-ipsec-mb-0.55/lib/avx512/zuc_avx512_top.c:376:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pTempBufInPtr[offset],
data/intel-ipsec-mb-0.55/lib/avx512/zuc_avx512_top.c:388:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pTempBufOutPtr[offset],
data/intel-ipsec-mb-0.55/lib/avx512/zuc_avx512_top.c:579:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStream[0], &keyStream[16], 64);
data/intel-ipsec-mb-0.55/lib/avx512/zuc_avx512_top.c:699:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyStr32, &keyStr32[16], 64);
data/intel-ipsec-mb-0.55/lib/avx512/zuc_avx512_top.c:788:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKeyStrArr0[i], &ooo->args.prev_ks[i], 8);
data/intel-ipsec-mb-0.55/lib/avx512/zuc_avx512_top.c:838:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ooo->args.prev_ks[i],
data/intel-ipsec-mb-0.55/lib/include/kasumi_internal.h:1457:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)dataLen, lengths, dataCount * sizeof(uint32_t));
data/intel-ipsec-mb-0.55/lib/include/kasumi_internal.h:1458:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pDataIn, pIn, dataCount * sizeof(void *));
data/intel-ipsec-mb-0.55/lib/include/kasumi_internal.h:1459:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pDataOut, pOut, dataCount * sizeof(void *));
data/intel-ipsec-mb-0.55/lib/include/kasumi_internal.h:1667:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&safeBuf.b64, pIn, lengthInBytes);
data/intel-ipsec-mb-0.55/lib/include/kasumi_internal.h:1752:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&safebuff.b64[0], pIn, (lengthInBits + 7) / 8);
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3158:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tBufferIn, (const void *)pBufferIn,
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3160:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tBufferOut, (const void *)pBufferOut,
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3162:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tLenInBytes, (const void *)lengthInBytes,
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3648:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)lensBuf, bufLenInBytes, packetCount * sizeof(uint32_t));
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3649:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pSrcBuf, pBufferIn, packetCount * sizeof(void *));
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3650:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pDstBuf, pBufferOut, packetCount * sizeof(void *));
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3651:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pIV, IV, packetCount * sizeof(void *));
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3851:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pCtxBuf, pCtx, packetCount * sizeof(void *));
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3852:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)lensBuf, bufLenInBytes, packetCount * sizeof(uint32_t));
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3853:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pSrcBuf, pBufferIn, packetCount * sizeof(void *));
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3854:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pDstBuf, pBufferOut, packetCount * sizeof(void *));
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:3855:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)pIV, IV, packetCount * sizeof(void *));
data/intel-ipsec-mb-0.55/lib/include/snow3g_common.h:4065:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&V, &inputBuffer[i], (rem_bits + 7) / 8);
data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c:103:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pIn8[length - numBytesLeftOver],
data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c:111:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pOut8[length - numBytesLeftOver], &tempDst[0],
data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c:247:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pTempBufInPtr[offset],
data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c:259:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pTempBufOutPtr[offset],
data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c:466:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStream[0], &keyStream[4], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c:564:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStr[i][0], &keyStr[i][KEYSTR_ROUND_LEN],
data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c:622:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyStr32, &keyStr32[4], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c:763:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStr[i][0], &keyStr[i][KEYSTR_ROUND_LEN],
data/intel-ipsec-mb-0.55/lib/no-aesni/zuc_sse_no_aesni_top.c:823:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyStr32, &keyStr32[4], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c:103:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pIn8[length - numBytesLeftOver],
data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c:111:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pOut8[length - numBytesLeftOver], &tempDst[0],
data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c:253:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tempSrc[0], &pTempBufInPtr[offset],
data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c:265:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pTempBufOutPtr[offset],
data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c:508:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStream[0], &keyStream[4], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c:621:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStr[i][0], &keyStr[i][KEYSTR_ROUND_LEN],
data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c:676:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyStr32, &keyStr32[4], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c:831:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&keyStr[i][0], &keyStr[i][KEYSTR_ROUND_LEN],
data/intel-ipsec-mb-0.55/lib/sse/zuc_sse_top.c:889:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyStr32, &keyStr32[4], KEYSTR_ROUND_LEN);
data/intel-ipsec-mb-0.55/lib/zuc_iv.c:61:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iv[8], &iv[0], 8);
data/intel-ipsec-mb-0.55/lib/zuc_iv.c:94:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iv[8], &iv[0], 8);
data/intel-ipsec-mb-0.55/perf/ipsec_perf.c:833:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char prog_bar[PB_INIT_SIZE + 4]; /* 50 + 4 for \r, [, ], \0 */
data/intel-ipsec-mb-0.55/perf/ipsec_perf.c:2229:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *func_names[4] = {
data/intel-ipsec-mb-0.55/perf/ipsec_perf.c:2232:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *c_mode_names[TEST_NUM_CIPHER_TESTS - 1] = {
data/intel-ipsec-mb-0.55/perf/ipsec_perf.c:2239:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *c_dir_names[2] = {
data/intel-ipsec-mb-0.55/perf/ipsec_perf.c:2242:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *h_alg_names[TEST_NUM_HASH_TESTS - 1] = {
data/intel-ipsec-mb-0.55/perf/ipsec_perf.c:2807:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parse_range(const char * const *argv, const int index, const int argc,
data/intel-ipsec-mb-0.55/perf/msr.c:188:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[32];
data/intel-ipsec-mb-0.55/perf/msr.c:193:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(fname, O_RDWR);
data/intel-ipsec-mb-0.55/test/aes_cbcs_test.c:3502:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i], padding, sizeof(padding));
data/intel-ipsec-mb-0.55/test/aes_cbcs_test.c:3503:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding) + text_len,
data/intel-ipsec-mb-0.55/test/aes_cbcs_test.c:3508:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding), in_text, text_len);
data/intel-ipsec-mb-0.55/test/aes_test.c:1887:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding), in_text, text_len);
data/intel-ipsec-mb-0.55/test/aes_test.c:2173:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding), in_text,
data/intel-ipsec-mb-0.55/test/aes_test.c:2348:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, aes_cfb_128_tab[i].K, aes_cfb_128_tab[i].Klen);
data/intel-ipsec-mb-0.55/test/aes_test.c:2372:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output1, aes_cfb_128_tab[i].P, aes_cfb_128_tab[i].Plen);
data/intel-ipsec-mb-0.55/test/aes_test.c:2381:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output1, aes_cfb_128_tab[i].C, aes_cfb_128_tab[i].Plen);
data/intel-ipsec-mb-0.55/test/ccm_test.c:2331:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding),
data/intel-ipsec-mb-0.55/test/ccm_test.c:2334:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding),
data/intel-ipsec-mb-0.55/test/chacha20_poly1305_test.c:357:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding),
data/intel-ipsec-mb-0.55/test/chacha20_poly1305_test.c:360:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding),
data/intel-ipsec-mb-0.55/test/chacha_test.c:280:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding), in_text, text_len);
data/intel-ipsec-mb-0.55/test/chacha_test.c:369:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(enc_keys, vec_tab[vect].K, vec_tab[vect].Klen);
data/intel-ipsec-mb-0.55/test/chacha_test.c:370:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dec_keys, vec_tab[vect].K, vec_tab[vect].Klen);
data/intel-ipsec-mb-0.55/test/chained_test.c:272:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding), in_text, text_len);
data/intel-ipsec-mb-0.55/test/chained_test.c:439:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hash_key, vec_tab[vect].hash_key,
data/intel-ipsec-mb-0.55/test/ctr_test.c:1453:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(local_iv, vectors[vect].IV, orig_iv_len);
data/intel-ipsec-mb-0.55/test/des_test.c:309:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding), in_text, text_len);
data/intel-ipsec-mb-0.55/test/ecb_test.c:643:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targets[i] + sizeof(padding), in_text, text_len);
data/intel-ipsec-mb-0.55/test/gcm_test.c:1776:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pt_test, vector->P, vector->Plen);
data/intel-ipsec-mb-0.55/test/gcm_test.c:1808:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ct_test, vector->C, vector->Plen);
data/intel-ipsec-mb-0.55/test/gcm_test.c:2049:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in_seg, in_ptr, seg_size);
data/intel-ipsec-mb-0.55/test/gcm_test.c:2057:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in_seg, in_ptr, last_partial_seg);
data/intel-ipsec-mb-0.55/test/gcm_test.c:2071:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in_seg, in_ptr, seg_size);
data/intel-ipsec-mb-0.55/test/gcm_test.c:2079:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in_seg, in_ptr, last_partial_seg);
data/intel-ipsec-mb-0.55/test/gcm_test.c:2094:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in_seg, in_ptr, seg_size);
data/intel-ipsec-mb-0.55/test/gcm_test.c:2102:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in_seg, in_ptr, last_partial_seg);
data/intel-ipsec-mb-0.55/test/hmac_md5_test.c:405:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, vec->key, vec->key_len);
data/intel-ipsec-mb-0.55/test/hmac_sha1_test.c:385:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, vec->key, vec->key_len);
data/intel-ipsec-mb-0.55/test/hmac_sha256_sha512_test.c:882:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, vec->key, vec->key_len);
data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c:1286:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(k3, auth_key, sizeof(keys->k3));
data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c:1311:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(k1_expanded, auth_key, 32);
data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c:1382:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(k2, ciph_key, 16);
data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c:1391:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(k2, ciph_key, 16);
data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c:1392:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(k2 + 16, ciph_key + 16, 16);
data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c:1446:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&test_buf[params->buf_size - DOCSIS_CRC32_TAG_SIZE],
data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c:1694:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(src_dst_buf, test_buf, buf_size);
data/intel-ipsec-mb-0.55/test/ipsec_xvalid.c:2300:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parse_range(const char * const *argv, const int index, const int argc,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:266:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey, kasumi_test_vectors[i].key,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:268:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff, kasumi_test_vectors[i].plaintext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:270:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff, kasumi_test_vectors[i].ciphertext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:272:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)&IV, kasumi_test_vectors[i].iv,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:308:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff, kasumi_test_vectors[i].plaintext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:367:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(plainBuff + PAD_LEN, src_test, byte_len);
data/intel-ipsec-mb-0.55/test/kasumi_test.c:368:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ciphBuff + PAD_LEN, dst_test, byte_len);
data/intel-ipsec-mb-0.55/test/kasumi_test.c:426:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey, kasumi_bit_vectors[i].key,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:428:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)&IV, kasumi_bit_vectors[i].iv,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:598:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff, kasumi_bit_vectors->plaintext, bufferbytesize);
data/intel-ipsec-mb-0.55/test/kasumi_test.c:599:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff, kasumi_bit_vectors->ciphertext, bufferbytesize);
data/intel-ipsec-mb-0.55/test/kasumi_test.c:605:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey, &kasumi_bit_vectors->key[i][0],
data/intel-ipsec-mb-0.55/test/kasumi_test.c:607:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)&IV, &kasumi_bit_vectors->iv[i][0],
data/intel-ipsec-mb-0.55/test/kasumi_test.c:652:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey, &kasumi_bit_vectors->key[i][0],
data/intel-ipsec-mb-0.55/test/kasumi_test.c:654:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)&IV, &kasumi_bit_vectors->iv[i][0],
data/intel-ipsec-mb-0.55/test/kasumi_test.c:759:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key[i], kasumi_test_vectors[i].key,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:762:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff[i], kasumi_test_vectors[i].plaintext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:765:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff[i], kasumi_test_vectors[i].ciphertext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:768:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iv[i], kasumi_test_vectors[i].iv,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:805:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff[i], kasumi_test_vectors[i].plaintext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:830:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff[i], kasumi_test_vectors[i].plaintext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:885:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff[i], kasumi_test_vectors[i].ciphertext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:977:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key[i], kasumi_test_vectors[0].key,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:980:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff[i], kasumi_test_vectors[0].plaintext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:983:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff[i], kasumi_test_vectors[0].ciphertext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:986:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iv[i], kasumi_test_vectors[0].iv,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1119:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key[i], kasumi_test_vectors[0].key,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1122:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff[i], kasumi_test_vectors[0].plaintext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1125:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff[i], kasumi_test_vectors[0].ciphertext,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1128:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iv[i], kasumi_test_vectors[0].iv,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1518:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey, kasumiF9_test_vectors[i].key,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1521:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff, kasumiF9_test_vectors[i].input, byteLen);
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1523:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, kasumiF9_test_vectors[i].exp_out,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1599:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey, kasumiF9_vectors[i].key,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1602:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff, kasumiF9_vectors[i].input,
data/intel-ipsec-mb-0.55/test/kasumi_test.c:1605:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iv, kasumiF9_vectors[i].iv,
data/intel-ipsec-mb-0.55/test/main.c:206:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *arch_str_tab[ARCH_NUMOF] = {
data/intel-ipsec-mb-0.55/test/pon_test.c:451:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target + sizeof(padding), in_text, len_to_bip);
data/intel-ipsec-mb-0.55/test/pon_test.c:470:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target + sizeof(padding), out_text, len_to_bip);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:276:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey, testVectors[i].key, testVectors[i].keyLenInBytes);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:277:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff, testVectors[i].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:279:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff, testVectors[i].ciphertext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:280:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV, testVectors[i].iv, testVectors[i].ivLenInBytes);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:310:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff, testVectors[i].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:382:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(plainBuff + PAD_LEN, src_test, byte_len);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:383:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ciphBuff + PAD_LEN, dst_test, byte_len);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:465:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey, testVectors->key[i], testVectors->keyLenInBytes);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:466:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV, testVectors->iv[i], testVectors->ivLenInBytes);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:568:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff, testStandardVectors[i].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:569:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff, testStandardVectors[i].ciphertext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:611:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff, testStandardVectors[i].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:613:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstBuff, testStandardVectors[i].ciphertext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:759:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey[i], testVectors[j].key,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:762:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[j].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:766:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV[i], testVectors[j].iv,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:809:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[j].ciphertext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:869:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[j].ciphertext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1025:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey[i], testVectors[j].key,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1028:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[j].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1032:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV[i], testVectors[j].iv,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1079:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[j].ciphertext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1146:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[j].ciphertext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1239:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey[i], testVectors[1].key,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1242:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[1].plaintext, packetLen[i]);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1246:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV[i], testVectors[1].iv, testVectors[1].ivLenInBytes);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1382:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey[i], testVectors[j].key,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1385:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[j].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1389:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV[i], testVectors[j].iv,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1536:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey[i], testVectors[1].key,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1539:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[1].plaintext, packetLen[i]);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1543:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV[i], testVectors[1].iv, testVectors[1].ivLenInBytes);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1695:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey[i], testVectors[j].key,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1698:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[j].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1700:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV[i], testVectors[j].iv, testVectors[j].ivLenInBytes);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1865:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey[i], testVectors[0].key,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1868:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[0].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:1872:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV[i], testVectors[0].iv,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:2040:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey[i], testVectors[0].key,
data/intel-ipsec-mb-0.55/test/snow3g_test.c:2043:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcBuff[i], testVectors[0].plaintext, length);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:2045:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV[i], testVectors[0].iv, testVectors[0].ivLenInBytes);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:2193:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKey, testVectors[i].key, testVectors[i].keyLenInBytes);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:2194:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srcBuff, testVectors[i].input, inputLen);
data/intel-ipsec-mb-0.55/test/snow3g_test.c:2195:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV, testVectors[i].iv, testVectors[i].ivLenInBytes);
data/intel-ipsec-mb-0.55/test/zuc_test.c:478:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[50];
data/intel-ipsec-mb-0.55/test/zuc_test.c:482:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKeys, testEEA3_vectors[i].CK, ZUC_KEY_LEN_IN_BYTES);
data/intel-ipsec-mb-0.55/test/zuc_test.c:488:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcData, testEEA3_vectors[i].plaintext, byteLength);
data/intel-ipsec-mb-0.55/test/zuc_test.c:524:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKeys[i], vector.CK, ZUC_KEY_LEN_IN_BYTES);
data/intel-ipsec-mb-0.55/test/zuc_test.c:528:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcData[i], vector.plaintext, packetLen[i]);
data/intel-ipsec-mb-0.55/test/zuc_test.c:530:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcData[i], vector.ciphertext, packetLen[i]);
data/intel-ipsec-mb-0.55/test/zuc_test.c:555:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_start[50];
data/intel-ipsec-mb-0.55/test/zuc_test.c:556:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[100];
data/intel-ipsec-mb-0.55/test/zuc_test.c:693:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKeys, testEIA3_vectors[i].CK, ZUC_KEY_LEN_IN_BYTES);
data/intel-ipsec-mb-0.55/test/zuc_test.c:701:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcData, testEIA3_vectors[i].message, byteLength);
data/intel-ipsec-mb-0.55/test/zuc_test.c:744:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKeys[j], vector.CK, ZUC_KEY_LEN_IN_BYTES);
data/intel-ipsec-mb-0.55/test/zuc_test.c:750:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcData[j], vector.message, byteLength);
data/intel-ipsec-mb-0.55/test/zuc_test.c:790:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKeys[i], vector.CK,
data/intel-ipsec-mb-0.55/test/zuc_test.c:797:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pSrcData[i], vector.message, byteLength);
data/intel-ipsec-mb-0.55/test/zuc_test.c:849:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pKeys, testZUC_vectors[i].CK, ZUC_KEY_LEN_IN_BYTES);
data/intel-ipsec-mb-0.55/test/zuc_test.c:850:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pIV, testZUC_vectors[i].IV, ZUC_IV_LEN_IN_BYTES);
data/intel-ipsec-mb-0.55/test/gcm_test.c:1316:6: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int mismatch;
data/intel-ipsec-mb-0.55/test/gcm_test.c:1320:6: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (mismatch) {
ANALYSIS SUMMARY:
Hits = 221
Lines analyzed = 72389 in approximately 2.46 seconds (29452 lines/second)
Physical Source Lines of Code (SLOC) = 54401
Hits@level = [0] 1071 [1] 2 [2] 210 [3] 5 [4] 4 [5] 0
Hits@level+ = [0+] 1292 [1+] 221 [2+] 219 [3+] 9 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 23.7496 [1+] 4.06243 [2+] 4.02566 [3+] 0.165438 [4+] 0.0735281 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.