Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/pixiewps-1.4.2/src/config.h Examining data/pixiewps-1.4.2/src/crypto/crypto_internal-modexp.c Examining data/pixiewps-1.4.2/src/crypto/hmac_sha256.c Examining data/pixiewps-1.4.2/src/crypto/tc/aes.c Examining data/pixiewps-1.4.2/src/crypto/tc/aes_cbc.c Examining data/pixiewps-1.4.2/src/crypto/tc/aes_cbc.h Examining data/pixiewps-1.4.2/src/crypto/tc/aes_tab.c Examining data/pixiewps-1.4.2/src/crypto/tc/sha256.c Examining data/pixiewps-1.4.2/src/crypto/tc/tomcrypt.h Examining data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_argchk.h Examining data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cfg.h Examining data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h Examining data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_custom.h Examining data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h Examining data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_macros.h Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_2expt.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_add.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_cmp.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_cmp_d.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_cmp_mag.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_count_bits.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_div.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_div_2.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_div_2d.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_exptmod.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_invmod.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_lshd.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mod.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mod_2d.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_montgomery_calc_normalization.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_montgomery_reduce.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_montgomery_setup.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_2.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_2d.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_20.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_24.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_28.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_32.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_48.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_64.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_d.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_mulmod.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_read_unsigned_bin.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_reverse.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_rshd.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_set.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_20.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_24.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_28.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_32.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_48.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_64.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_generic.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_sub.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_to_unsigned_bin.c Examining data/pixiewps-1.4.2/src/crypto/tfm/fp_unsigned_bin_size.c Examining data/pixiewps-1.4.2/src/crypto/tfm/s_fp_add.c Examining data/pixiewps-1.4.2/src/crypto/tfm/s_fp_sub.c Examining data/pixiewps-1.4.2/src/crypto/tfm/tfm.h Examining data/pixiewps-1.4.2/src/crypto/tfm/tfm_private.h Examining data/pixiewps-1.4.2/src/endianness.h Examining data/pixiewps-1.4.2/src/pixiewps.c Examining data/pixiewps-1.4.2/src/pixiewps.h Examining data/pixiewps-1.4.2/src/random/glibc_random.c Examining data/pixiewps-1.4.2/src/random/glibc_random_lazy.c Examining data/pixiewps-1.4.2/src/random/glibc_random_old.c Examining data/pixiewps-1.4.2/src/random/glibc_random_yura.c Examining data/pixiewps-1.4.2/src/utils.h Examining data/pixiewps-1.4.2/src/version.h Examining data/pixiewps-1.4.2/src/wps.h FINAL RESULTS: data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_macros.h:441:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_macros.h:441:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/pixiewps-1.4.2/src/pixiewps.c:438:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pin_copy, wps->pin); data/pixiewps-1.4.2/src/pixiewps.c:443:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(wps->pin, pin_copy); data/pixiewps-1.4.2/src/pixiewps.c:622:6: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, v_usage, SHORT_VERSION, data/pixiewps-1.4.2/src/pixiewps.c:698:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage, SHORT_VERSION, argv[0], wps->error); data/pixiewps-1.4.2/src/pixiewps.h:51:41: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define DEBUG_PRINT(fmt, args...) do { printf("\n [DEBUG] %s:%4d:%s(): " fmt, \ data/pixiewps-1.4.2/src/pixiewps.c:489:8: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. opt = getopt_long(argc, argv, option_string, long_options, &long_index); data/pixiewps-1.4.2/src/pixiewps.c:687:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. opt = getopt_long(argc, argv, option_string, long_options, &long_index); data/pixiewps-1.4.2/src/crypto/tc/aes_cbc.c:60:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp[16]; data/pixiewps-1.4.2/src/crypto/tc/aes_cbc.c:120:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp[16]; data/pixiewps-1.4.2/src/crypto/tc/aes_cbc.c:124:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, tmp, left); data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:37:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char K[33][16]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:77:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char S[32], start; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:90:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef unsigned char safer_block_t[LTC_SAFER_BLOCK_LEN]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:91:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef unsigned char safer_key_t[LTC_SAFER_KEY_LEN]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:123:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char key[10]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:264:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[MAXBLOCKSIZE], data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:282:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[MAXBLOCKSIZE]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:296:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[MAXBLOCKSIZE]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:318:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ctr[MAXBLOCKSIZE], data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:334:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[16], data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:347:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char PC[16][256][16]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:362:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[MAXBLOCKSIZE], data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:999:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char kstream[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:1019:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char kstream[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:1045:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[80]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:1069:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char block[16]; /* last keystream block containing unused bytes */ data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_cipher.h:1086:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[256]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_custom.h:33:18: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define XMEMCPY memcpy data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_custom.h:60:34: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. defined(memset) || defined(memcpy) || defined(memcmp) || defined(strcmp) || \ data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:15:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sb[25 * 8]; /* used for storing `ulong64 s[25]` as little-endian bytes */ data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:27:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[128]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:35:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:43:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:51:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:59:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:67:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:73:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char chksum[16], X[48], buf[16]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:81:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:89:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:97:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:105:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:113:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:121:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char state[MAXBLOCKSIZE], buf[MAXBLOCKSIZE]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:131:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:143:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[128]; data/pixiewps-1.4.2/src/crypto/tc/tomcrypt_hash.h:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dummy[1]; data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_20.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 20 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_20.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+20, B->dp, 20 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_24.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 24 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_24.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+24, B->dp, 24 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_28.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 28 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_28.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+28, B->dp, 28 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_32.c:11:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 32 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_32.c:12:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+32, B->dp, 32 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_48.c:11:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 48 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_48.c:12:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+48, B->dp, 48 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_64.c:11:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 64 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_64.c:12:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+64, B->dp, 64 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:11:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 1 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:12:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+1, B->dp, 1 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:27:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 2 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:28:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+2, B->dp, 2 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:51:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 3 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:52:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+3, B->dp, 3 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:83:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 4 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:84:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+4, B->dp, 4 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:123:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 5 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:124:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+5, B->dp, 5 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:171:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 6 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:172:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+6, B->dp, 6 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:227:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 7 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:228:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+7, B->dp, 7 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:291:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 8 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:292:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+8, B->dp, 8 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:363:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 9 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:364:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+9, B->dp, 9 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:443:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 10 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:444:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+10, B->dp, 10 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:531:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 11 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:532:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+11, B->dp, 11 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:627:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 12 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:628:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+12, B->dp, 12 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:731:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 13 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:732:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+13, B->dp, 13 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:843:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 14 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:844:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+14, B->dp, 14 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:963:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 15 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:964:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+15, B->dp, 15 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:1091:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 16 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_mul_comba_small_set.c:1092:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+16, B->dp, 16 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_20.c:216:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 40 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_24.c:256:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 48 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_28.c:296:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 56 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_32.c:336:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 64 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_48.c:496:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 96 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_64.c:656:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 128 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:27:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 2 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:56:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 4 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:95:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 6 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:144:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 8 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:203:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 10 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:272:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 12 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:351:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 14 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:440:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 16 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:539:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 18 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:648:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 20 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:767:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 22 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:896:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 24 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:1035:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 26 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:1184:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 28 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:1343:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 30 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/fp_sqr_comba_small_set.c:1512:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 32 * sizeof(fp_digit)); data/pixiewps-1.4.2/src/crypto/tfm/tfm.h:361:51: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define fp_copy(a, b) (void)(((a) != (b)) && memcpy((b), (a), sizeof(fp_int))) data/pixiewps-1.4.2/src/pixiewps.c:212:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char testnonce[16] = {0}; data/pixiewps-1.4.2/src/pixiewps.c:314:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(job_control.randr_enonce, wps->e_nonce, WPS_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:378:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. be = end_htobe32(word0 >> 1); memcpy(ptr, &be, sizeof be); data/pixiewps-1.4.2/src/pixiewps.c:379:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. be = end_htobe32(word1 >> 1); memcpy(ptr + 4, &be, sizeof be); data/pixiewps-1.4.2/src/pixiewps.c:380:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. be = end_htobe32(word2 >> 1); memcpy(ptr + 8, &be, sizeof be); data/pixiewps-1.4.2/src/pixiewps.c:381:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. be = end_htobe32(word3 >> 1); memcpy(ptr + 12, &be, sizeof be); data/pixiewps-1.4.2/src/pixiewps.c:396:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pin[WPS_PIN_LEN + 1]; data/pixiewps-1.4.2/src/pixiewps.c:402:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(job_control.wps->e_s1, nonce_buf, sizeof nonce_buf); data/pixiewps-1.4.2/src/pixiewps.c:403:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(job_control.wps->pin, pin, sizeof pin); data/pixiewps-1.4.2/src/pixiewps.c:411:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(job_control.wps->e_s1, nonce_buf, sizeof nonce_buf); data/pixiewps-1.4.2/src/pixiewps.c:412:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(job_control.wps->pin, pin, sizeof pin); data/pixiewps-1.4.2/src/pixiewps.c:424:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pin[WPS_PIN_LEN + 1]; data/pixiewps-1.4.2/src/pixiewps.c:428:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->e_s1, nonce_buf, sizeof nonce_buf); data/pixiewps-1.4.2/src/pixiewps.c:429:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->pin, pin, sizeof pin); data/pixiewps-1.4.2/src/pixiewps.c:437:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pin_copy[WPS_PIN_LEN + 1]; data/pixiewps-1.4.2/src/pixiewps.c:603:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[30]; data/pixiewps-1.4.2/src/pixiewps.c:749:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, wps->e_nonce, WPS_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:750:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_NONCE_LEN, wps->e_bssid, WPS_BSSID_LEN); data/pixiewps-1.4.2/src/pixiewps.c:751:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_NONCE_LEN + WPS_BSSID_LEN, wps->r_nonce, WPS_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:758:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->authkey, buffer, WPS_AUTHKEY_LEN); data/pixiewps-1.4.2/src/pixiewps.c:759:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->wrapkey, buffer + WPS_AUTHKEY_LEN, WPS_KEYWRAPKEY_LEN); data/pixiewps-1.4.2/src/pixiewps.c:760:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->emsk, buffer + WPS_AUTHKEY_LEN + WPS_KEYWRAPKEY_LEN, WPS_EMSK_LEN); data/pixiewps-1.4.2/src/pixiewps.c:794:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->e_s1, vtag->data, WPS_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:802:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->e_s2, vtag->data, WPS_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:828:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, vtag->data, WPS_TAG_KEYWRAP_AUTH_LEN); data/pixiewps-1.4.2/src/pixiewps.c:848:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, vtag->data, tag_size); data/pixiewps-1.4.2/src/pixiewps.c:860:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, vtag->data, tag_size); data/pixiewps-1.4.2/src/pixiewps.c:1046:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, wps->e_nonce, WPS_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1047:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_NONCE_LEN, wps->e_bssid, WPS_BSSID_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1048:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_NONCE_LEN + WPS_BSSID_LEN, wps->r_nonce, WPS_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1057:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->authkey, buffer, WPS_AUTHKEY_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1062:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->wrapkey, buffer + WPS_AUTHKEY_LEN, WPS_KEYWRAPKEY_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1063:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->emsk, buffer + WPS_AUTHKEY_LEN + WPS_KEYWRAPKEY_LEN, WPS_EMSK_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1109:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->e_s1, wps->e_nonce, WPS_SECRET_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1110:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->e_s2, wps->e_nonce, WPS_SECRET_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1231:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->e_s1, wps->e_nonce, WPS_SECRET_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1232:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->e_s2, wps->e_nonce, WPS_SECRET_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1260:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[30]; data/pixiewps-1.4.2/src/pixiewps.c:1416:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[30]; data/pixiewps-1.4.2/src/pixiewps.c:1557:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static int check_pin_half(const struct hmac_ctx *hctx, const char pinhalf[4], uint8_t *psk, const uint8_t *es, struct global *wps, const uint8_t *ehash) data/pixiewps-1.4.2/src/pixiewps.c:1563:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, es, WPS_SECRET_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1564:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_SECRET_NONCE_LEN, psk, WPS_PSK_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1565:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_SECRET_NONCE_LEN + WPS_PSK_LEN, wps->pke, WPS_PKEY_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1566:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_SECRET_NONCE_LEN + WPS_PSK_LEN + WPS_PKEY_LEN, wps->pkr, WPS_PKEY_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1578:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, es, WPS_SECRET_NONCE_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1579:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_SECRET_NONCE_LEN, wps->empty_psk, WPS_PSK_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1580:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_SECRET_NONCE_LEN + WPS_PSK_LEN, wps->pke, WPS_PKEY_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1581:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + WPS_SECRET_NONCE_LEN + WPS_PSK_LEN + WPS_PKEY_LEN, wps->pkr, WPS_PKEY_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1594:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->psk1, wps->empty_psk, WPS_HASH_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1607:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->psk1, psk, sizeof psk); data/pixiewps-1.4.2/src/pixiewps.c:1619:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->psk2, wps->empty_psk, WPS_HASH_LEN); data/pixiewps-1.4.2/src/pixiewps.c:1623:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned second_half, first_half = atoi(pin); data/pixiewps-1.4.2/src/pixiewps.c:1635:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->psk2, psk, sizeof psk); data/pixiewps-1.4.2/src/pixiewps.c:1650:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wps->psk2, psk, sizeof psk); data/pixiewps-1.4.2/src/pixiewps.h:69:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *p_mode_name[MODE_LEN + 1] = { "", "RT/MT/CL", "eCos simple", "RTL819x", "eCos simplest", "eCos Knuth" }; data/pixiewps-1.4.2/src/pixiewps.h:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pin[WPS_PIN_LEN + 1]; data/pixiewps-1.4.2/src/utils.h:189:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_month[3]; data/pixiewps-1.4.2/src/utils.h:190:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_year[5]; data/pixiewps-1.4.2/src/wps.h:114:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, &be, sizeof(uint32_t)); data/pixiewps-1.4.2/src/wps.h:115:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + sizeof(uint32_t), kdf_salt, sizeof(kdf_salt)); data/pixiewps-1.4.2/src/wps.h:117:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + sizeof(uint32_t) + sizeof(kdf_salt), &be, sizeof(uint32_t)); data/pixiewps-1.4.2/src/wps.h:142:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(decrypted, encr + block_size, encr_len - block_size); data/pixiewps-1.4.2/src/pixiewps.c:1624:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *s_pin = pin + strlen(pin); data/pixiewps-1.4.2/src/utils.h:29:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned int len = strlen(in); data/pixiewps-1.4.2/src/utils.h:66:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned int len = strlen(in); data/pixiewps-1.4.2/src/utils.h:117:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int i, o = 0, len = strlen(in); data/pixiewps-1.4.2/src/utils.h:178:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned int len = strlen(s); ANALYSIS SUMMARY: Hits = 182 Lines analyzed = 19473 in approximately 1.02 seconds (19053 lines/second) Physical Source Lines of Code (SLOC) = 13560 Hits@level = [0] 98 [1] 5 [2] 168 [3] 2 [4] 7 [5] 0 Hits@level+ = [0+] 280 [1+] 182 [2+] 177 [3+] 9 [4+] 7 [5+] 0 Hits/KSLOC@level+ = [0+] 20.649 [1+] 13.4218 [2+] 13.0531 [3+] 0.663717 [4+] 0.516224 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.