Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libntru-0.5/src/arith.c
Examining data/libntru-0.5/src/arith.h
Examining data/libntru-0.5/src/bench.c
Examining data/libntru-0.5/src/bitstring.c
Examining data/libntru-0.5/src/bitstring.h
Examining data/libntru-0.5/src/encparams.c
Examining data/libntru-0.5/src/encparams.h
Examining data/libntru-0.5/src/err.h
Examining data/libntru-0.5/src/hash.c
Examining data/libntru-0.5/src/hash.h
Examining data/libntru-0.5/src/hybrid.c
Examining data/libntru-0.5/src/idxgen.c
Examining data/libntru-0.5/src/idxgen.h
Examining data/libntru-0.5/src/key.c
Examining data/libntru-0.5/src/key.h
Examining data/libntru-0.5/src/md_helper.c
Examining data/libntru-0.5/src/md_helper.h
Examining data/libntru-0.5/src/mgf.c
Examining data/libntru-0.5/src/mgf.h
Examining data/libntru-0.5/src/nist_aes_rijndael.h
Examining data/libntru-0.5/src/nist_config.h
Examining data/libntru-0.5/src/nist_ctr_drbg.c
Examining data/libntru-0.5/src/nist_ctr_drbg.h
Examining data/libntru-0.5/src/nist_ctr_drbg_aes256.h
Examining data/libntru-0.5/src/ntru.c
Examining data/libntru-0.5/src/ntru.h
Examining data/libntru-0.5/src/poly.c
Examining data/libntru-0.5/src/poly.h
Examining data/libntru-0.5/src/rand.c
Examining data/libntru-0.5/src/rand.h
Examining data/libntru-0.5/src/rijndael.c
Examining data/libntru-0.5/src/rijndael.h
Examining data/libntru-0.5/src/sha1.c
Examining data/libntru-0.5/src/sha2.c
Examining data/libntru-0.5/src/sph_sha1.h
Examining data/libntru-0.5/src/sph_sha2.h
Examining data/libntru-0.5/src/sph_types.h
Examining data/libntru-0.5/src/types.h
Examining data/libntru-0.5/src/ntru_endian.h
Examining data/libntru-0.5/tests/test.c
Examining data/libntru-0.5/tests/test_bitstring.c
Examining data/libntru-0.5/tests/test_bitstring.h
Examining data/libntru-0.5/tests/test_hash.c
Examining data/libntru-0.5/tests/test_hash.h
Examining data/libntru-0.5/tests/test_idxgen.c
Examining data/libntru-0.5/tests/test_idxgen.h
Examining data/libntru-0.5/tests/test_key.c
Examining data/libntru-0.5/tests/test_key.h
Examining data/libntru-0.5/tests/test_ntru.c
Examining data/libntru-0.5/tests/test_ntru.h
Examining data/libntru-0.5/tests/test_poly.c
Examining data/libntru-0.5/tests/test_poly.h
Examining data/libntru-0.5/tests/test_util.c
Examining data/libntru-0.5/tests/test_util.h
Examining data/libntru-0.5/debian/tests/example1.c
FINAL RESULTS:
data/libntru-0.5/src/hybrid.c:115:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(strcmp((char*)plain, (char*)dec)==0 ? "successful\n" : "failed\n");
data/libntru-0.5/src/key.c:255:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(params->name, all[i].name);
data/libntru-0.5/tests/test_idxgen.c:17:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(rs);
data/libntru-0.5/tests/test_util.c:90:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/libntru-0.5/debian/tests/example1.c:26:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(seed, "my test password");
data/libntru-0.5/debian/tests/example1.c:36:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(msg, "whatever");
data/libntru-0.5/src/bitstring.c:27:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->buf, &a->buf, sizeof b->buf);
data/libntru-0.5/src/encparams.h:19:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[11];
data/libntru-0.5/src/hash.c:133:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, data_[i], len);
data/libntru-0.5/src/hash.c:176:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, data_[i], len);
data/libntru-0.5/src/hash.c:373:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, data_[i], len);
data/libntru-0.5/src/hash.c:416:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, data_[i], len);
data/libntru-0.5/src/hybrid.c:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plain_char[123];
data/libntru-0.5/src/hybrid.c:84:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(plain_char, "This text is too long to fit in a NTRU message, so we'll use " \
data/libntru-0.5/src/idxgen.c:30:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hash_inp_arr[j], (uint8_t*)s->Z, s->zlen);
data/libntru-0.5/src/idxgen.c:32:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&hash_inp_arr[j] + s->zlen, &counter_endian, sizeof s->counter);
data/libntru-0.5/src/idxgen.c:51:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hash_inp_arr[j], (uint8_t*)s->Z, s->zlen);
data/libntru-0.5/src/idxgen.c:53:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&hash_inp_arr[j] + s->zlen, &counter_endian, sizeof s->counter);
data/libntru-0.5/src/idxgen.c:68:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hash_inp, (uint8_t*)s->Z, s->zlen);
data/libntru-0.5/src/idxgen.c:70:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&hash_inp + s->zlen, &counter_endian, sizeof s->counter);
data/libntru-0.5/src/idxgen.c:93:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hash_inp, (uint8_t*)s->Z, s->zlen);
data/libntru-0.5/src/idxgen.c:95:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&hash_inp + s->zlen, &counter_endian, sizeof s->counter);
data/libntru-0.5/src/key.c:18:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arr, &N_endian, sizeof N_endian);
data/libntru-0.5/src/key.c:23:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arr, &q_endian, sizeof q_endian);
data/libntru-0.5/src/key.c:35:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&N_endian, arr_head, sizeof N_endian);
data/libntru-0.5/src/key.c:42:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&q_endian, arr_head, sizeof q_endian);
data/libntru-0.5/src/key.c:63:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arr_head, &num_ones, sizeof num_ones);
data/libntru-0.5/src/key.c:66:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arr_head, &num_neg_ones, sizeof num_neg_ones);
data/libntru-0.5/src/key.c:115:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arr_head, &N_endian, sizeof N_endian);
data/libntru-0.5/src/key.c:120:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arr_head, &q_endian, sizeof q_endian);
data/libntru-0.5/src/key.c:147:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&num_ones, arr_head, sizeof num_ones);
data/libntru-0.5/src/key.c:151:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&num_neg_ones, arr_head, sizeof num_neg_ones);
data/libntru-0.5/src/key.c:188:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&N, arr, sizeof N);
data/libntru-0.5/src/key.c:194:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&q, arr, sizeof q);
data/libntru-0.5/src/key.c:268:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(params->oid, all[i].oid, sizeof(all[i].oid));
data/libntru-0.5/src/md_helper.c:149:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->buf + current, data, clen);
data/libntru-0.5/src/md_helper.c:211:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->buf, data, len);
data/libntru-0.5/src/md_helper.h:149:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->buf + current, data, clen);
data/libntru-0.5/src/md_helper.h:211:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->buf, data, len);
data/libntru-0.5/src/mgf.c:279:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hash_inp_arr[j], Z, sizeof Z);
data/libntru-0.5/src/mgf.c:280:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&hash_inp_arr[j] + sizeof Z, &counter_endian, sizeof counter_endian);
data/libntru-0.5/src/mgf.c:305:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hash_inp_arr[j], Z, sizeof Z);
data/libntru-0.5/src/mgf.c:306:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&hash_inp_arr[j] + sizeof Z, &counter_endian, sizeof counter_endian);
data/libntru-0.5/src/mgf.c:325:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hash_inp, Z, sizeof Z);
data/libntru-0.5/src/mgf.c:326:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&hash_inp + sizeof Z, &counter_endian, sizeof counter_endian);
data/libntru-0.5/src/mgf.c:344:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&i->coeffs[cur], NTRU_MGF_TRIT_TBL[O], 10); /* copy 5 uint16_t's */
data/libntru-0.5/src/mgf.c:353:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hash_inp, Z, sizeof Z);
data/libntru-0.5/src/mgf.c:354:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&hash_inp + hlen, &counter, sizeof counter);
data/libntru-0.5/src/mgf.c:356:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf, &H, hlen);
data/libntru-0.5/src/nist_ctr_drbg.c:34:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char nist_cipher_df_encrypted_iv[NIST_BLOCK_SEEDLEN / NIST_BLOCK_OUTLEN][NIST_BLOCK_OUTLEN_BYTES];
data/libntru-0.5/src/nist_ctr_drbg.c:117:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char S[NIST_BLOCK_OUTLEN_BYTES];
data/libntru-0.5/src/nist_ctr_drbg.c:159:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&S[index], input_string, len);
data/libntru-0.5/src/nist_ctr_drbg.c:188:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&S[0], input_string, NIST_BLOCK_OUTLEN_BYTES);
data/libntru-0.5/src/nist_ctr_drbg.c:202:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&S[0], input_string, input_string_length);
data/libntru-0.5/src/nist_ctr_drbg.c:258:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp[0], &nist_cipher_df_encrypted_iv[j][0], NIST_BLOCK_OUTLEN_BYTES);
data/libntru-0.5/src/nist_ctr_drbg.c:297:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output_string, output_buffer, N);
data/libntru-0.5/src/nist_ctr_drbg.c:309:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char K[NIST_BLOCK_KEYLEN_BYTES];
data/libntru-0.5/src/nist_ctr_drbg.c:392:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *input_string[3];
data/libntru-0.5/src/nist_ctr_drbg.c:433:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char K[NIST_BLOCK_KEYLEN_BYTES];
data/libntru-0.5/src/nist_ctr_drbg.c:453:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *input_string[2];
data/libntru-0.5/src/nist_ctr_drbg.c:507:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *input_string[1];
data/libntru-0.5/src/nist_ctr_drbg.c:559:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, temp, len);
data/libntru-0.5/src/ntru.c:296:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&htrunc, &bh, pklen/8);
data/libntru-0.5/src/ntru.c:300:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(seed, ¶ms->oid, oid_len);
data/libntru-0.5/src/ntru.c:302:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(seed, msg, msg_len);
data/libntru-0.5/src/ntru.c:304:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(seed, b, blen);
data/libntru-0.5/src/ntru.c:306:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(seed, &htrunc, pklen/8);
data/libntru-0.5/src/ntru.c:392:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&M, &b, db/8);
data/libntru-0.5/src/ntru.c:396:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(M_head, msg, msg_len);
data/libntru-0.5/src/ntru.c:483:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cb, cM_head, blen);
data/libntru-0.5/src/ntru.c:493:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dec, cM_head, cl);
data/libntru-0.5/src/poly.c:192:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c, z0, 2*(2*len2-1)); /* 2*len2-1 coefficients */
data/libntru-0.5/src/poly.c:310:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c, z0, 2*(2*len2-1)); /* 2*len2-1 coefficients */
data/libntru-0.5/src/poly.c:1152:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a64[i], &last, enc_last_int_valid);
data/libntru-0.5/src/poly.c:1203:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a32[i], &last, enc_last_int_valid);
data/libntru-0.5/src/poly.c:1275:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a[a_idx], a_last, ((N-p_idx)*11+7)/8);
data/libntru-0.5/src/poly.c:1644:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp2, Fq, sizeof *Fq);
data/libntru-0.5/src/rand.c:27:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rand_ctx->seed, seed, seed_len);
data/libntru-0.5/src/rand.c:76:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int rand_fd = open(filename, O_RDONLY);
data/libntru-0.5/src/rand.c:166:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int rand_fd = open("/dev/urandom", O_RDONLY);
data/libntru-0.5/src/sha1.c:328:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sha1_round(const unsigned char *data, sph_u32 r[5])
data/libntru-0.5/src/sha1.c:342:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->val, IV, sizeof IV);
data/libntru-0.5/src/sha2.c:609:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
sha2_round(const unsigned char *data, sph_u32 r[8])
data/libntru-0.5/src/sha2.c:623:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->val, H224, sizeof H224);
data/libntru-0.5/src/sha2.c:638:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sc->val, H256, sizeof H256);
data/libntru-0.5/src/sph_sha1.h:65:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64]; /* first field, for alignment */
data/libntru-0.5/src/sph_sha2.h:68:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64]; /* first field, for alignment */
data/libntru-0.5/src/sph_sha2.h:232:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[128]; /* first field, for alignment */
data/libntru-0.5/src/sph_types.h:1335:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1336:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = val;
data/libntru-0.5/src/sph_types.h:1342:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return ((unsigned)(((const unsigned char *)src)[0]) << 8)
data/libntru-0.5/src/sph_types.h:1343:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| (unsigned)(((const unsigned char *)src)[1]);
data/libntru-0.5/src/sph_types.h:1349:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = val;
data/libntru-0.5/src/sph_types.h:1350:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = val >> 8;
data/libntru-0.5/src/sph_types.h:1356:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (unsigned)(((const unsigned char *)src)[0])
data/libntru-0.5/src/sph_types.h:1357:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((unsigned)(((const unsigned char *)src)[1]) << 8);
data/libntru-0.5/src/sph_types.h:1382:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1383:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1384:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1385:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = val;
data/libntru-0.5/src/sph_types.h:1389:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1390:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1391:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1392:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = val;
data/libntru-0.5/src/sph_types.h:1411:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1412:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1413:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1414:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = val;
data/libntru-0.5/src/sph_types.h:1442:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return ((sph_u32)(((const unsigned char *)src)[0]) << 24)
data/libntru-0.5/src/sph_types.h:1443:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[1]) << 16)
data/libntru-0.5/src/sph_types.h:1444:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[2]) << 8)
data/libntru-0.5/src/sph_types.h:1445:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| (sph_u32)(((const unsigned char *)src)[3]);
data/libntru-0.5/src/sph_types.h:1449:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return ((sph_u32)(((const unsigned char *)src)[0]) << 24)
data/libntru-0.5/src/sph_types.h:1450:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[1]) << 16)
data/libntru-0.5/src/sph_types.h:1451:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[2]) << 8)
data/libntru-0.5/src/sph_types.h:1452:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| (sph_u32)(((const unsigned char *)src)[3]);
data/libntru-0.5/src/sph_types.h:1471:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return ((sph_u32)(((const unsigned char *)src)[0]) << 24)
data/libntru-0.5/src/sph_types.h:1472:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[1]) << 16)
data/libntru-0.5/src/sph_types.h:1473:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[2]) << 8)
data/libntru-0.5/src/sph_types.h:1474:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| (sph_u32)(((const unsigned char *)src)[3]);
data/libntru-0.5/src/sph_types.h:1500:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = val;
data/libntru-0.5/src/sph_types.h:1501:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1502:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1503:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1507:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = val;
data/libntru-0.5/src/sph_types.h:1508:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1509:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1510:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1529:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = val;
data/libntru-0.5/src/sph_types.h:1530:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1531:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1532:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1593:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (sph_u32)(((const unsigned char *)src)[0])
data/libntru-0.5/src/sph_types.h:1594:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[1]) << 8)
data/libntru-0.5/src/sph_types.h:1595:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[2]) << 16)
data/libntru-0.5/src/sph_types.h:1596:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[3]) << 24);
data/libntru-0.5/src/sph_types.h:1600:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (sph_u32)(((const unsigned char *)src)[0])
data/libntru-0.5/src/sph_types.h:1601:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[1]) << 8)
data/libntru-0.5/src/sph_types.h:1602:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[2]) << 16)
data/libntru-0.5/src/sph_types.h:1603:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[3]) << 24);
data/libntru-0.5/src/sph_types.h:1638:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (sph_u32)(((const unsigned char *)src)[0])
data/libntru-0.5/src/sph_types.h:1639:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[1]) << 8)
data/libntru-0.5/src/sph_types.h:1640:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[2]) << 16)
data/libntru-0.5/src/sph_types.h:1641:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u32)(((const unsigned char *)src)[3]) << 24);
data/libntru-0.5/src/sph_types.h:1669:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = (val >> 56);
data/libntru-0.5/src/sph_types.h:1670:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 48);
data/libntru-0.5/src/sph_types.h:1671:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 40);
data/libntru-0.5/src/sph_types.h:1672:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = (val >> 32);
data/libntru-0.5/src/sph_types.h:1673:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[4] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1674:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[5] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1675:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[6] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1676:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[7] = val;
data/libntru-0.5/src/sph_types.h:1680:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = (val >> 56);
data/libntru-0.5/src/sph_types.h:1681:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 48);
data/libntru-0.5/src/sph_types.h:1682:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 40);
data/libntru-0.5/src/sph_types.h:1683:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = (val >> 32);
data/libntru-0.5/src/sph_types.h:1684:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[4] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1685:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[5] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1686:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[6] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1687:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[7] = val;
data/libntru-0.5/src/sph_types.h:1706:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = (val >> 56);
data/libntru-0.5/src/sph_types.h:1707:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 48);
data/libntru-0.5/src/sph_types.h:1708:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 40);
data/libntru-0.5/src/sph_types.h:1709:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = (val >> 32);
data/libntru-0.5/src/sph_types.h:1710:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[4] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1711:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[5] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1712:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[6] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1713:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[7] = val;
data/libntru-0.5/src/sph_types.h:1741:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return ((sph_u64)(((const unsigned char *)src)[0]) << 56)
data/libntru-0.5/src/sph_types.h:1742:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[1]) << 48)
data/libntru-0.5/src/sph_types.h:1743:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[2]) << 40)
data/libntru-0.5/src/sph_types.h:1744:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[3]) << 32)
data/libntru-0.5/src/sph_types.h:1745:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[4]) << 24)
data/libntru-0.5/src/sph_types.h:1746:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[5]) << 16)
data/libntru-0.5/src/sph_types.h:1747:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[6]) << 8)
data/libntru-0.5/src/sph_types.h:1748:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| (sph_u64)(((const unsigned char *)src)[7]);
data/libntru-0.5/src/sph_types.h:1752:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return ((sph_u64)(((const unsigned char *)src)[0]) << 56)
data/libntru-0.5/src/sph_types.h:1753:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[1]) << 48)
data/libntru-0.5/src/sph_types.h:1754:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[2]) << 40)
data/libntru-0.5/src/sph_types.h:1755:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[3]) << 32)
data/libntru-0.5/src/sph_types.h:1756:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[4]) << 24)
data/libntru-0.5/src/sph_types.h:1757:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[5]) << 16)
data/libntru-0.5/src/sph_types.h:1758:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[6]) << 8)
data/libntru-0.5/src/sph_types.h:1759:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| (sph_u64)(((const unsigned char *)src)[7]);
data/libntru-0.5/src/sph_types.h:1778:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return ((sph_u64)(((const unsigned char *)src)[0]) << 56)
data/libntru-0.5/src/sph_types.h:1779:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[1]) << 48)
data/libntru-0.5/src/sph_types.h:1780:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[2]) << 40)
data/libntru-0.5/src/sph_types.h:1781:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[3]) << 32)
data/libntru-0.5/src/sph_types.h:1782:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[4]) << 24)
data/libntru-0.5/src/sph_types.h:1783:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[5]) << 16)
data/libntru-0.5/src/sph_types.h:1784:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[6]) << 8)
data/libntru-0.5/src/sph_types.h:1785:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| (sph_u64)(((const unsigned char *)src)[7]);
data/libntru-0.5/src/sph_types.h:1811:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = val;
data/libntru-0.5/src/sph_types.h:1812:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1813:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1814:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1815:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[4] = (val >> 32);
data/libntru-0.5/src/sph_types.h:1816:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[5] = (val >> 40);
data/libntru-0.5/src/sph_types.h:1817:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[6] = (val >> 48);
data/libntru-0.5/src/sph_types.h:1818:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[7] = (val >> 56);
data/libntru-0.5/src/sph_types.h:1822:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = val;
data/libntru-0.5/src/sph_types.h:1823:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1824:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1825:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1826:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[4] = (val >> 32);
data/libntru-0.5/src/sph_types.h:1827:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[5] = (val >> 40);
data/libntru-0.5/src/sph_types.h:1828:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[6] = (val >> 48);
data/libntru-0.5/src/sph_types.h:1829:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[7] = (val >> 56);
data/libntru-0.5/src/sph_types.h:1848:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[0] = val;
data/libntru-0.5/src/sph_types.h:1849:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[1] = (val >> 8);
data/libntru-0.5/src/sph_types.h:1850:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[2] = (val >> 16);
data/libntru-0.5/src/sph_types.h:1851:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[3] = (val >> 24);
data/libntru-0.5/src/sph_types.h:1852:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[4] = (val >> 32);
data/libntru-0.5/src/sph_types.h:1853:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[5] = (val >> 40);
data/libntru-0.5/src/sph_types.h:1854:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[6] = (val >> 48);
data/libntru-0.5/src/sph_types.h:1855:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)dst)[7] = (val >> 56);
data/libntru-0.5/src/sph_types.h:1905:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (sph_u64)(((const unsigned char *)src)[0])
data/libntru-0.5/src/sph_types.h:1906:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[1]) << 8)
data/libntru-0.5/src/sph_types.h:1907:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[2]) << 16)
data/libntru-0.5/src/sph_types.h:1908:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[3]) << 24)
data/libntru-0.5/src/sph_types.h:1909:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[4]) << 32)
data/libntru-0.5/src/sph_types.h:1910:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[5]) << 40)
data/libntru-0.5/src/sph_types.h:1911:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[6]) << 48)
data/libntru-0.5/src/sph_types.h:1912:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[7]) << 56);
data/libntru-0.5/src/sph_types.h:1916:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (sph_u64)(((const unsigned char *)src)[0])
data/libntru-0.5/src/sph_types.h:1917:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[1]) << 8)
data/libntru-0.5/src/sph_types.h:1918:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[2]) << 16)
data/libntru-0.5/src/sph_types.h:1919:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[3]) << 24)
data/libntru-0.5/src/sph_types.h:1920:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[4]) << 32)
data/libntru-0.5/src/sph_types.h:1921:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[5]) << 40)
data/libntru-0.5/src/sph_types.h:1922:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[6]) << 48)
data/libntru-0.5/src/sph_types.h:1923:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[7]) << 56);
data/libntru-0.5/src/sph_types.h:1961:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (sph_u64)(((const unsigned char *)src)[0])
data/libntru-0.5/src/sph_types.h:1962:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[1]) << 8)
data/libntru-0.5/src/sph_types.h:1963:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[2]) << 16)
data/libntru-0.5/src/sph_types.h:1964:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[3]) << 24)
data/libntru-0.5/src/sph_types.h:1965:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[4]) << 32)
data/libntru-0.5/src/sph_types.h:1966:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[5]) << 40)
data/libntru-0.5/src/sph_types.h:1967:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[6]) << 48)
data/libntru-0.5/src/sph_types.h:1968:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
| ((sph_u64)(((const unsigned char *)src)[7]) << 56);
data/libntru-0.5/tests/test_ntru.c:82:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seed2_char[19];
data/libntru-0.5/tests/test_ntru.c:83:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(seed2_char, "my test password");
data/libntru-0.5/tests/test_ntru.c:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plain_seed_char[25];
data/libntru-0.5/tests/test_ntru.c:184:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(plain_seed_char, "seed value for plaintext");
data/libntru-0.5/tests/test_ntru.c:191:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(plain2, plain, max_len);
data/libntru-0.5/tests/test_ntru.c:196:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seed_char[11];
data/libntru-0.5/tests/test_ntru.c:197:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(seed_char, "seed value");
data/libntru-0.5/tests/test_ntru.c:200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seed2_char[11];
data/libntru-0.5/tests/test_ntru.c:201:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(seed2_char, "seed value");
data/libntru-0.5/debian/tests/example1.c:29:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ntru_rand_init_det(&rand_ctx_ctr_drbg, &rng_ctr_drbg, seed, strlen(seed)) != NTRU_SUCCESS)
data/libntru-0.5/debian/tests/example1.c:38:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ntru_encrypt(msg, strlen(msg), &kp.pub, ¶ms, &rand_ctx_def, enc) != NTRU_SUCCESS)
data/libntru-0.5/src/hybrid.c:86:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t plain[strlen(plain_char)];
data/libntru-0.5/src/hybrid.c:88:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0; i<strlen(plain_char); i++)
data/libntru-0.5/src/hybrid.c:101:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t enc[ntru_enc_len(&NTRU_DEFAULT_PARAMS_128_BITS)+strlen(plain_char)+16];
data/libntru-0.5/src/hybrid.c:103:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ntru_encrypt_hybrid(plain, strlen(plain_char), &kp.pub, &NTRU_DEFAULT_PARAMS_128_BITS, &rand_ctx, enc, &enc_len) != NTRU_SUCCESS)
data/libntru-0.5/src/rand.c:92:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t bytes_read = read(rand_fd, rand_data, len);
data/libntru-0.5/src/rand.c:131:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t pers_string_size = strlen(NTRU_PERS_STRING) * sizeof(NTRU_PERS_STRING[0]);
data/libntru-0.5/src/rand.c:170:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t bytes_read = read(rand_fd, buffer, len);
data/libntru-0.5/src/rand.c:187:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t pers_string_size = strlen(NTRU_PERS_STRING) * sizeof(NTRU_PERS_STRING[0]);
data/libntru-0.5/tests/test_hash.c:9:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(test_string_char);
data/libntru-0.5/tests/test_ntru.c:38:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t seed_len = strlen(seed);
data/libntru-0.5/tests/test_ntru.c:84:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t seed2[strlen(seed2_char)];
data/libntru-0.5/tests/test_ntru.c:89:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ntru_rand_init_det(&rand_ctx2, &rng, seed2, strlen(seed2_char));
data/libntru-0.5/tests/test_ntru.c:187:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
valid &= ntru_rand_init_det(&rand_ctx_plaintext, &rng_plaintext, plain_seed, strlen(plain_seed_char)) == NTRU_SUCCESS;
data/libntru-0.5/tests/test_ntru.c:207:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
valid &= ntru_rand_init_det(&rand_ctx, &rng, seed, strlen(seed_char)) == NTRU_SUCCESS;
data/libntru-0.5/tests/test_ntru.c:210:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
valid &= ntru_rand_init_det(&rand_ctx2, &rng2, seed2, strlen(seed2_char)) == NTRU_SUCCESS;
data/libntru-0.5/tests/test_util.c:104:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= strcmp(params1->name, params2->name) == 0;
data/libntru-0.5/tests/test_util.c:105:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->N == params2->N;
data/libntru-0.5/tests/test_util.c:106:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->q == params2->q;
data/libntru-0.5/tests/test_util.c:107:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->prod_flag == params2->prod_flag;
data/libntru-0.5/tests/test_util.c:108:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->df1 == params2->df1;
data/libntru-0.5/tests/test_util.c:110:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->df2 == params2->df2;
data/libntru-0.5/tests/test_util.c:111:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->df3 == params2->df3;
data/libntru-0.5/tests/test_util.c:113:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->dm0 == params2->dm0;
data/libntru-0.5/tests/test_util.c:114:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->db == params2->db;
data/libntru-0.5/tests/test_util.c:115:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->c == params2->c;
data/libntru-0.5/tests/test_util.c:116:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->min_calls_r == params2->min_calls_r;
data/libntru-0.5/tests/test_util.c:117:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->min_calls_mask == params2->min_calls_mask;
data/libntru-0.5/tests/test_util.c:118:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->hash_seed == params2->hash_seed;
data/libntru-0.5/tests/test_util.c:119:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= memcmp(params1->oid, params2->oid, sizeof(params1->oid)) == 0;
data/libntru-0.5/tests/test_util.c:120:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= equals_hash_func(params1->hash, params2->hash, params1->hlen);
data/libntru-0.5/tests/test_util.c:121:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->hlen == params2->hlen;
data/libntru-0.5/tests/test_util.c:122:5: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
equal &= params1->pklen == params2->pklen;
data/libntru-0.5/tests/test_util.c:123:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return equal;
data/libntru-0.5/tests/test_util.c:180:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(in);
ANALYSIS SUMMARY:
Hits = 285
Lines analyzed = 13798 in approximately 0.48 seconds (29021 lines/second)
Physical Source Lines of Code (SLOC) = 9379
Hits@level = [0] 27 [1] 36 [2] 245 [3] 2 [4] 2 [5] 0
Hits@level+ = [0+] 312 [1+] 285 [2+] 249 [3+] 4 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 33.2658 [1+] 30.387 [2+] 26.5487 [3+] 0.426485 [4+] 0.213242 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.