Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mrtdreader-0.1.6/src/bac.c
Examining data/mrtdreader-0.1.6/src/bac.h
Examining data/mrtdreader-0.1.6/src/bachelper.c
Examining data/mrtdreader-0.1.6/src/bachelper.h
Examining data/mrtdreader-0.1.6/src/crypto-gcrypt.c
Examining data/mrtdreader-0.1.6/src/crypto-tomcrypt.c
Examining data/mrtdreader-0.1.6/src/crypto.h
Examining data/mrtdreader-0.1.6/src/fileread.c
Examining data/mrtdreader-0.1.6/src/fileread.h
Examining data/mrtdreader-0.1.6/src/hardware.c
Examining data/mrtdreader-0.1.6/src/mrtd.h
Examining data/mrtdreader-0.1.6/src/mrtdreader.c
Examining data/mrtdreader-0.1.6/test/test1.c

FINAL RESULTS:

data/mrtdreader-0.1.6/src/mrtdreader.c:74:13:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((s = getopt(argc, argv, "p:b:e:")) != -1) {
data/mrtdreader-0.1.6/src/mrtdreader.c:156:2:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(NULL));
data/mrtdreader-0.1.6/src/bac.c:42:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(txbuffer, "\x00\xa4\x04\x0c\x07\xa0\x00\x00\x02\x47\x10\x01", txlen);
data/mrtdreader-0.1.6/src/bac.c:53:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(txbuffer, "\x00\x84\x00\x00\x08", txlen);
data/mrtdreader-0.1.6/src/bac.c:64:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(remotechallenge,rxbuffer,8);
data/mrtdreader-0.1.6/src/bac.c:77:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(txbuffer, "\x00\x82\x00\x00\x28", 5);
data/mrtdreader-0.1.6/src/bac.c:78:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(txbuffer+5,cmd_data,40);
data/mrtdreader-0.1.6/src/bachelper.c:48:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(hash,input,16);
data/mrtdreader-0.1.6/src/bachelper.c:49:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(hash+16,"\x00\x00\x00\x01",4);
data/mrtdreader-0.1.6/src/bachelper.c:52:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(kenc,kenc_tmp,16);
data/mrtdreader-0.1.6/src/bachelper.c:57:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(kmac,kmac_tmp,16);
data/mrtdreader-0.1.6/src/bachelper.c:70:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(S,rnd_ifd,8);
data/mrtdreader-0.1.6/src/bachelper.c:71:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(S+8,remote_challenge,8);
data/mrtdreader-0.1.6/src/bachelper.c:72:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(S+16,kifd,16);
data/mrtdreader-0.1.6/src/bachelper.c:98:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rnd_icc,decryptedresp,8);
data/mrtdreader-0.1.6/src/bachelper.c:100:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(kicc,decryptedresp+16,16);
data/mrtdreader-0.1.6/src/bachelper.c:112:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ssc[8];
data/mrtdreader-0.1.6/src/bachelper.c:115:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ssc,remote_challenge+4,4);
data/mrtdreader-0.1.6/src/bachelper.c:116:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ssc+4,rnd_ifd+4,4);
data/mrtdreader-0.1.6/src/bachelper.c:231:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(A+8,padded_command,8);
data/mrtdreader-0.1.6/src/bachelper.c:233:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(A+16,do87,do87_length);
data/mrtdreader-0.1.6/src/bachelper.c:235:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(A+16+do87_length,do97,do97_length);
data/mrtdreader-0.1.6/src/bachelper.c:244:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output,padded_command,4);
data/mrtdreader-0.1.6/src/bachelper.c:247:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output+5,do87,do87_length);
data/mrtdreader-0.1.6/src/bachelper.c:249:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output+5+do87_length,do97,do97_length);
data/mrtdreader-0.1.6/src/bachelper.c:250:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output+5+do87_length+do97_length,do8e,10);
data/mrtdreader-0.1.6/src/bachelper.c:320:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output,pn,len);
data/mrtdreader-0.1.6/src/bachelper.c:324:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output,pn,9);
data/mrtdreader-0.1.6/src/bachelper.c:330:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output+10,dob,6);
data/mrtdreader-0.1.6/src/bachelper.c:334:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output+17,eov,6);
data/mrtdreader-0.1.6/src/bachelper.c:347:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pn,mrz,9);
data/mrtdreader-0.1.6/src/bachelper.c:348:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dob,mrz+13,6);
data/mrtdreader-0.1.6/src/bachelper.c:349:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(eov,mrz+21,6);
data/mrtdreader-0.1.6/src/crypto-gcrypt.c:68:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(longkey,key,16);
data/mrtdreader-0.1.6/src/crypto-gcrypt.c:69:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(longkey+16,key,8);
data/mrtdreader-0.1.6/src/crypto-gcrypt.c:116:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output,input,length);
data/mrtdreader-0.1.6/src/crypto-gcrypt.c:139:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output,input,*newlength);
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:42:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char IV[8];
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:81:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char longkey[24];
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:82:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char IV[8];
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:84:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(longkey,key,16);
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:85:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(longkey+16,key,8);
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:145:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output,input,length);
data/mrtdreader-0.1.6/src/crypto-tomcrypt.c:168:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output,input,*newlength);
data/mrtdreader-0.1.6/src/fileread.c:55:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(unprotected,"\x00\xa4\x02\x0c\x02\x01\x1e",5);
data/mrtdreader-0.1.6/src/fileread.c:56:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(unprotected+5,file_index,2);
data/mrtdreader-0.1.6/src/fileread.c:77:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(unprotected,"\x00\xb0\x00\x00\x04",unprotectedlength);
data/mrtdreader-0.1.6/src/fileread.c:93:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output+already_received,unprotected,unprotectedlength);
data/mrtdreader-0.1.6/src/fileread.c:133:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(unprotected,"\x00\xb0\x00\x00\x00",unprotectedlength);
data/mrtdreader-0.1.6/src/fileread.c:158:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(output+already_received,unprotected,unprotectedlength);
data/mrtdreader-0.1.6/src/fileread.c:174:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filenamebuf[256];
data/mrtdreader-0.1.6/src/fileread.c:176:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char start_sequence_jpeg[10] = {0xff,0xd8,0xff,0xe0,0x00,0x10,0x4a,0x46,0x49,0x46};
data/mrtdreader-0.1.6/src/fileread.c:177:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char start_sequence_jpeg2000[10] = {0x00,0x00,0x00,0x0c,0x6a,0x50,0x20,0x20,0x0d,0x0a};
data/mrtdreader-0.1.6/src/fileread.c:186:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(filenamebuf, filename, baselength);
data/mrtdreader-0.1.6/src/fileread.c:188:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(filenamebuf+baselength,".jpg",4);
data/mrtdreader-0.1.6/src/fileread.c:193:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(filenamebuf+baselength,".jp2",4);
data/mrtdreader-0.1.6/src/fileread.c:223:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out = fopen(filenamebuf,"w");
data/mrtdreader-0.1.6/src/fileread.c:237:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x60): sprintf(name,"EF_COM"); break;
data/mrtdreader-0.1.6/src/fileread.c:238:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x61): sprintf(name,"EF_DG1"); break;
data/mrtdreader-0.1.6/src/fileread.c:239:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x75): sprintf(name,"EF_DG2"); break;
data/mrtdreader-0.1.6/src/fileread.c:240:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x63): sprintf(name,"EF_DG3"); break;
data/mrtdreader-0.1.6/src/fileread.c:241:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x76): sprintf(name,"EF_DG4"); break;
data/mrtdreader-0.1.6/src/fileread.c:242:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x65): sprintf(name,"EF_DG5"); break;
data/mrtdreader-0.1.6/src/fileread.c:243:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x66): sprintf(name,"EF_DG6"); break;
data/mrtdreader-0.1.6/src/fileread.c:244:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x67): sprintf(name,"EF_DG7"); break;
data/mrtdreader-0.1.6/src/fileread.c:245:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x68): sprintf(name,"EF_DG8"); break;
data/mrtdreader-0.1.6/src/fileread.c:246:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x69): sprintf(name,"EF_DG9"); break;
data/mrtdreader-0.1.6/src/fileread.c:247:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x6a): sprintf(name,"EF_DG10"); break;
data/mrtdreader-0.1.6/src/fileread.c:248:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x6b): sprintf(name,"EF_DG11"); break;
data/mrtdreader-0.1.6/src/fileread.c:249:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x6c): sprintf(name,"EF_DG12"); break;
data/mrtdreader-0.1.6/src/fileread.c:250:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x6d): sprintf(name,"EF_DG13"); break;
data/mrtdreader-0.1.6/src/fileread.c:251:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x6e): sprintf(name,"EF_DG14"); break;
data/mrtdreader-0.1.6/src/fileread.c:252:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x6f): sprintf(name,"EF_DG15"); break;
data/mrtdreader-0.1.6/src/fileread.c:253:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x70): sprintf(name,"EF_DG16"); break;
data/mrtdreader-0.1.6/src/fileread.c:254:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  case(0x77): sprintf(name,"EF_SOD"); break;
data/mrtdreader-0.1.6/src/fileread.c:255:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  default: sprintf(name,"not defined"); break;
data/mrtdreader-0.1.6/src/fileread.c:297:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[30];
data/mrtdreader-0.1.6/src/mrtdreader.c:78:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pn,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:82:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dob,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:86:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(eov,optarg,strlen(optarg));
data/mrtdreader-0.1.6/test/test1.c:28:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char remotechallenge[8] = {0x46,0x08,0xf9,0x19,0x88,0x70,0x22,0x12};
data/mrtdreader-0.1.6/test/test1.c:29:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rnd_ifd[8] = {0x78,0x17,0x23,0x86,0x0c,0x06,0xc2,0x26};
data/mrtdreader-0.1.6/test/test1.c:30:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char kifd[16] = {0x0b,0x79,0x52,0x40,0xcb,0x70,0x49,0xb0,0x1c,0x19,0xb3,0x3e,0x32,0x80,0x4f,0x0b};
data/mrtdreader-0.1.6/test/test1.c:31:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rx_data[40] = {0x46,0xB9,0x34,0x2A,0x41,0x39,0x6C,0xD7,0x38,0x6B,0xF5,0x80,0x31,0x04,0xD7,0xCE,0xDC,0x12,0x2B,0x91,0x32,0x13,0x9B,0xAF,0x2E,0xED,0xC9,0x4E,0xE1,0x78,0x53,0x4F,0x2f,0x2D,0x23,0x5D,0x07,0x4D,0x74,0x49};
data/mrtdreader-0.1.6/test/test1.c:33:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char kmrz[25];
data/mrtdreader-0.1.6/test/test1.c:34:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char kenc[16];
data/mrtdreader-0.1.6/test/test1.c:35:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char kmac[16];
data/mrtdreader-0.1.6/test/test1.c:36:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd_data[40];
data/mrtdreader-0.1.6/test/test1.c:37:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rnd_icc[8];
data/mrtdreader-0.1.6/test/test1.c:38:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char kicc[16];
data/mrtdreader-0.1.6/test/test1.c:39:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xored[16];
data/mrtdreader-0.1.6/test/test1.c:40:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ksenc[16];
data/mrtdreader-0.1.6/test/test1.c:41:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ksmac[16];
data/mrtdreader-0.1.6/src/bachelper.c:318:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(pn);
data/mrtdreader-0.1.6/src/fileread.c:182:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(filename) > 3 && filename[strlen(filename)-4] == '.')
data/mrtdreader-0.1.6/src/fileread.c:182:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(filename) > 3 && filename[strlen(filename)-4] == '.')
data/mrtdreader-0.1.6/src/fileread.c:183:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  baselength = strlen(filename)-4;
data/mrtdreader-0.1.6/src/fileread.c:185:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  baselength = strlen(filename);
data/mrtdreader-0.1.6/src/fileread.c:213:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(equal) {
data/mrtdreader-0.1.6/src/fileread.c:218:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(!equal){
data/mrtdreader-0.1.6/src/mrtdreader.c:77:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pn = malloc(strlen(optarg)+1);
data/mrtdreader-0.1.6/src/mrtdreader.c:78:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(pn,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:81:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dob = malloc(strlen(optarg)+1);
data/mrtdreader-0.1.6/src/mrtdreader.c:82:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(dob,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:85:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  eov = malloc(strlen(optarg)+1);
data/mrtdreader-0.1.6/src/mrtdreader.c:86:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(eov,optarg,strlen(optarg));
data/mrtdreader-0.1.6/src/mrtdreader.c:124:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  inlength = strlen(extra_argument);
data/mrtdreader-0.1.6/test/test1.c:44:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(kmrz,mrp_number,9);
data/mrtdreader-0.1.6/test/test1.c:45:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(kmrz+9,mrp_numbercd,1);
data/mrtdreader-0.1.6/test/test1.c:46:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(kmrz+10,mrp_dob,6);
data/mrtdreader-0.1.6/test/test1.c:47:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(kmrz+16,mrp_dobcd,1);
data/mrtdreader-0.1.6/test/test1.c:48:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(kmrz+17,mrp_expiry,6);
data/mrtdreader-0.1.6/test/test1.c:49:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(kmrz+23,mrp_expirycd,1);

ANALYSIS SUMMARY:

Hits = 113
Lines analyzed = 1792 in approximately 0.09 seconds (20804 lines/second)
Physical Source Lines of Code (SLOC) = 1300
Hits@level = [0]  63 [1]  20 [2]  91 [3]   2 [4]   0 [5]   0
Hits@level+ = [0+] 176 [1+] 113 [2+]  93 [3+]   2 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 135.385 [1+] 86.9231 [2+] 71.5385 [3+] 1.53846 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.