Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mrtdreader-0.1.6/src/bac.c
Examining data/mrtdreader-0.1.6/src/bac.h
Examining data/mrtdreader-0.1.6/src/bachelper.c
Examining data/mrtdreader-0.1.6/src/bachelper.h
Examining data/mrtdreader-0.1.6/src/crypto-gcrypt.c
Examining data/mrtdreader-0.1.6/src/crypto-tomcrypt.c
Examining data/mrtdreader-0.1.6/src/crypto.h
Examining data/mrtdreader-0.1.6/src/fileread.c
Examining data/mrtdreader-0.1.6/src/fileread.h
Examining data/mrtdreader-0.1.6/src/hardware.c
Examining data/mrtdreader-0.1.6/src/mrtd.h
Examining data/mrtdreader-0.1.6/src/mrtdreader.c
Examining data/mrtdreader-0.1.6/test/test1.c
FINAL RESULTS:
data/mrtdreader-0.1.6/src/mrtdreader.c:74:13: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((s = getopt(argc, argv, "p:b:e:")) != -1) {
data/mrtdreader-0.1.6/src/mrtdreader.c:156:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/mrtdreader-0.1.6/src/bac.c:42:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(txbuffer, "\x00\xa4\x04\x0c\x07\xa0\x00\x00\x02\x47\x10\x01", txlen);
data/mrtdreader-0.1.6/src/bac.c:53:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(txbuffer, "\x00\x84\x00\x00\x08", txlen);
data/mrtdreader-0.1.6/src/bac.c:64:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(remotechallenge,rxbuffer,8);
data/mrtdreader-0.1.6/src/bac.c:77:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(txbuffer, "\x00\x82\x00\x00\x28", 5);
data/mrtdreader-0.1.6/src/bac.c:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(txbuffer+5,cmd_data,40);
data/mrtdreader-0.1.6/src/bachelper.c:48:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hash,input,16);
data/mrtdreader-0.1.6/src/bachelper.c:49:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hash+16,"\x00\x00\x00\x01",4);
data/mrtdreader-0.1.6/src/bachelper.c:52:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kenc,kenc_tmp,16);
data/mrtdreader-0.1.6/src/bachelper.c:57:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kmac,kmac_tmp,16);
data/mrtdreader-0.1.6/src/bachelper.c:70:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S,rnd_ifd,8);
data/mrtdreader-0.1.6/src/bachelper.c:71:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S+8,remote_challenge,8);
data/mrtdreader-0.1.6/src/bachelper.c:72:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S+16,kifd,16);
data/mrtdreader-0.1.6/src/bachelper.c:98:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rnd_icc,decryptedresp,8);
data/mrtdreader-0.1.6/src/bachelper.c:100:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kicc,decryptedresp+16,16);
data/mrtdreader-0.1.6/src/bachelper.c:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssc[8];
data/mrtdreader-0.1.6/src/bachelper.c:115:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssc,remote_challenge+4,4);
data/mrtdreader-0.1.6/src/bachelper.c:116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssc+4,rnd_ifd+4,4);
data/mrtdreader-0.1.6/src/bachelper.c:231:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(A+8,padded_command,8);
data/mrtdreader-0.1.6/src/bachelper.c:233:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(A+16,do87,do87_length);
data/mrtdreader-0.1.6/src/bachelper.c:235:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(A+16+do87_length,do97,do97_length);
data/mrtdreader-0.1.6/src/bachelper.c:244:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output,padded_command,4);
data/mrtdreader-0.1.6/src/bachelper.c:247:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+5,do87,do87_length);
data/mrtdreader-0.1.6/src/bachelper.c:249:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+5+do87_length,do97,do97_length);
data/mrtdreader-0.1.6/src/bachelper.c:250:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+5+do87_length+do97_length,do8e,10);
data/mrtdreader-0.1.6/src/bachelper.c:320:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output,pn,len);
data/mrtdreader-0.1.6/src/bachelper.c:324:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output,pn,9);
data/mrtdreader-0.1.6/src/bachelper.c:330:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+10,dob,6);
data/mrtdreader-0.1.6/src/bachelper.c:334:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+17,eov,6);
data/mrtdreader-0.1.6/src/bachelper.c:347:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pn,mrz,9);
data/mrtdreader-0.1.6/src/bachelper.c:348:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dob,mrz+13,6);
data/mrtdreader-0.1.6/src/bachelper.c:349:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eov,mrz+21,6);
data/mrtdreader-0.1.6/src/crypto-gcrypt.c:68:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(longkey,key,16);
data/mrtdreader-0.1.6/src/crypto-gcrypt.c:69:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(longkey+16,key,8);
data/mrtdreader-0.1.6/src/crypto-gcrypt.c:116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output,input,length);
data/mrtdreader-0.1.6/src/crypto-gcrypt.c:139:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output,input,*newlength);
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IV[8];
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char longkey[24];
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IV[8];
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:84:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(longkey,key,16);
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:85:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(longkey+16,key,8);
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:145:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output,input,length);
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:168:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output,input,*newlength);
data/mrtdreader-0.1.6/src/fileread.c:55:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unprotected,"\x00\xa4\x02\x0c\x02\x01\x1e",5);
data/mrtdreader-0.1.6/src/fileread.c:56:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unprotected+5,file_index,2);
data/mrtdreader-0.1.6/src/fileread.c:77:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unprotected,"\x00\xb0\x00\x00\x04",unprotectedlength);
data/mrtdreader-0.1.6/src/fileread.c:93:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+already_received,unprotected,unprotectedlength);
data/mrtdreader-0.1.6/src/fileread.c:133:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unprotected,"\x00\xb0\x00\x00\x00",unprotectedlength);
data/mrtdreader-0.1.6/src/fileread.c:158:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+already_received,unprotected,unprotectedlength);
data/mrtdreader-0.1.6/src/fileread.c:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filenamebuf[256];
data/mrtdreader-0.1.6/src/fileread.c:176:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char start_sequence_jpeg[10] = {0xff,0xd8,0xff,0xe0,0x00,0x10,0x4a,0x46,0x49,0x46};
data/mrtdreader-0.1.6/src/fileread.c:177:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char start_sequence_jpeg2000[10] = {0x00,0x00,0x00,0x0c,0x6a,0x50,0x20,0x20,0x0d,0x0a};
data/mrtdreader-0.1.6/src/fileread.c:186:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(filenamebuf, filename, baselength);
data/mrtdreader-0.1.6/src/fileread.c:188:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(filenamebuf+baselength,".jpg",4);
data/mrtdreader-0.1.6/src/fileread.c:193:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(filenamebuf+baselength,".jp2",4);
data/mrtdreader-0.1.6/src/fileread.c:223:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(filenamebuf,"w");
data/mrtdreader-0.1.6/src/fileread.c:237:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x60): sprintf(name,"EF_COM"); break;
data/mrtdreader-0.1.6/src/fileread.c:238:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x61): sprintf(name,"EF_DG1"); break;
data/mrtdreader-0.1.6/src/fileread.c:239:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x75): sprintf(name,"EF_DG2"); break;
data/mrtdreader-0.1.6/src/fileread.c:240:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x63): sprintf(name,"EF_DG3"); break;
data/mrtdreader-0.1.6/src/fileread.c:241:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x76): sprintf(name,"EF_DG4"); break;
data/mrtdreader-0.1.6/src/fileread.c:242:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x65): sprintf(name,"EF_DG5"); break;
data/mrtdreader-0.1.6/src/fileread.c:243:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x66): sprintf(name,"EF_DG6"); break;
data/mrtdreader-0.1.6/src/fileread.c:244:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x67): sprintf(name,"EF_DG7"); break;
data/mrtdreader-0.1.6/src/fileread.c:245:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x68): sprintf(name,"EF_DG8"); break;
data/mrtdreader-0.1.6/src/fileread.c:246:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x69): sprintf(name,"EF_DG9"); break;
data/mrtdreader-0.1.6/src/fileread.c:247:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x6a): sprintf(name,"EF_DG10"); break;
data/mrtdreader-0.1.6/src/fileread.c:248:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x6b): sprintf(name,"EF_DG11"); break;
data/mrtdreader-0.1.6/src/fileread.c:249:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x6c): sprintf(name,"EF_DG12"); break;
data/mrtdreader-0.1.6/src/fileread.c:250:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x6d): sprintf(name,"EF_DG13"); break;
data/mrtdreader-0.1.6/src/fileread.c:251:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x6e): sprintf(name,"EF_DG14"); break;
data/mrtdreader-0.1.6/src/fileread.c:252:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x6f): sprintf(name,"EF_DG15"); break;
data/mrtdreader-0.1.6/src/fileread.c:253:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x70): sprintf(name,"EF_DG16"); break;
data/mrtdreader-0.1.6/src/fileread.c:254:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case(0x77): sprintf(name,"EF_SOD"); break;
data/mrtdreader-0.1.6/src/fileread.c:255:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(name,"not defined"); break;
data/mrtdreader-0.1.6/src/fileread.c:297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/mrtdreader-0.1.6/src/mrtdreader.c:78:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pn,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:82:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dob,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:86:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eov,optarg,strlen(optarg));
data/mrtdreader-0.1.6/test/test1.c:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remotechallenge[8] = {0x46,0x08,0xf9,0x19,0x88,0x70,0x22,0x12};
data/mrtdreader-0.1.6/test/test1.c:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rnd_ifd[8] = {0x78,0x17,0x23,0x86,0x0c,0x06,0xc2,0x26};
data/mrtdreader-0.1.6/test/test1.c:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kifd[16] = {0x0b,0x79,0x52,0x40,0xcb,0x70,0x49,0xb0,0x1c,0x19,0xb3,0x3e,0x32,0x80,0x4f,0x0b};
data/mrtdreader-0.1.6/test/test1.c:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rx_data[40] = {0x46,0xB9,0x34,0x2A,0x41,0x39,0x6C,0xD7,0x38,0x6B,0xF5,0x80,0x31,0x04,0xD7,0xCE,0xDC,0x12,0x2B,0x91,0x32,0x13,0x9B,0xAF,0x2E,0xED,0xC9,0x4E,0xE1,0x78,0x53,0x4F,0x2f,0x2D,0x23,0x5D,0x07,0x4D,0x74,0x49};
data/mrtdreader-0.1.6/test/test1.c:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kmrz[25];
data/mrtdreader-0.1.6/test/test1.c:34:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kenc[16];
data/mrtdreader-0.1.6/test/test1.c:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kmac[16];
data/mrtdreader-0.1.6/test/test1.c:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_data[40];
data/mrtdreader-0.1.6/test/test1.c:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rnd_icc[8];
data/mrtdreader-0.1.6/test/test1.c:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kicc[16];
data/mrtdreader-0.1.6/test/test1.c:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xored[16];
data/mrtdreader-0.1.6/test/test1.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ksenc[16];
data/mrtdreader-0.1.6/test/test1.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ksmac[16];
data/mrtdreader-0.1.6/src/bachelper.c:318:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(pn);
data/mrtdreader-0.1.6/src/fileread.c:182:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(filename) > 3 && filename[strlen(filename)-4] == '.')
data/mrtdreader-0.1.6/src/fileread.c:182:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(filename) > 3 && filename[strlen(filename)-4] == '.')
data/mrtdreader-0.1.6/src/fileread.c:183:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
baselength = strlen(filename)-4;
data/mrtdreader-0.1.6/src/fileread.c:185:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
baselength = strlen(filename);
data/mrtdreader-0.1.6/src/fileread.c:213:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(equal) {
data/mrtdreader-0.1.6/src/fileread.c:218:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(!equal){
data/mrtdreader-0.1.6/src/mrtdreader.c:77:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pn = malloc(strlen(optarg)+1);
data/mrtdreader-0.1.6/src/mrtdreader.c:78:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(pn,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:81:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dob = malloc(strlen(optarg)+1);
data/mrtdreader-0.1.6/src/mrtdreader.c:82:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(dob,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:85:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
eov = malloc(strlen(optarg)+1);
data/mrtdreader-0.1.6/src/mrtdreader.c:86:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(eov,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:124:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inlength = strlen(extra_argument);
data/mrtdreader-0.1.6/test/test1.c:44:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kmrz,mrp_number,9);
data/mrtdreader-0.1.6/test/test1.c:45:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kmrz+9,mrp_numbercd,1);
data/mrtdreader-0.1.6/test/test1.c:46:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kmrz+10,mrp_dob,6);
data/mrtdreader-0.1.6/test/test1.c:47:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kmrz+16,mrp_dobcd,1);
data/mrtdreader-0.1.6/test/test1.c:48:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kmrz+17,mrp_expiry,6);
data/mrtdreader-0.1.6/test/test1.c:49:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(kmrz+23,mrp_expirycd,1);
ANALYSIS SUMMARY:
Hits = 113
Lines analyzed = 1792 in approximately 0.09 seconds (20804 lines/second)
Physical Source Lines of Code (SLOC) = 1300
Hits@level = [0] 63 [1] 20 [2] 91 [3] 2 [4] 0 [5] 0
Hits@level+ = [0+] 176 [1+] 113 [2+] 93 [3+] 2 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 135.385 [1+] 86.9231 [2+] 71.5385 [3+] 1.53846 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.