Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/pycryptodome-3.9.7+dfsg1/src/AES.c Examining data/pycryptodome-3.9.7+dfsg1/src/AESNI.c Examining data/pycryptodome-3.9.7+dfsg1/src/ARC2.c Examining data/pycryptodome-3.9.7+dfsg1/src/ARC4.c Examining data/pycryptodome-3.9.7+dfsg1/src/CAST.c Examining data/pycryptodome-3.9.7+dfsg1/src/DES.c Examining data/pycryptodome-3.9.7+dfsg1/src/DES3.c Examining data/pycryptodome-3.9.7+dfsg1/src/MD2.c Examining data/pycryptodome-3.9.7+dfsg1/src/MD4.c Examining data/pycryptodome-3.9.7+dfsg1/src/MD5.c Examining data/pycryptodome-3.9.7+dfsg1/src/RIPEMD160.c Examining data/pycryptodome-3.9.7+dfsg1/src/SHA1.c Examining data/pycryptodome-3.9.7+dfsg1/src/SHA224.c Examining data/pycryptodome-3.9.7+dfsg1/src/SHA256.c Examining data/pycryptodome-3.9.7+dfsg1/src/SHA384.c Examining data/pycryptodome-3.9.7+dfsg1/src/SHA512.c Examining data/pycryptodome-3.9.7+dfsg1/src/Salsa20.c Examining data/pycryptodome-3.9.7+dfsg1/src/blake2.c Examining data/pycryptodome-3.9.7+dfsg1/src/blake2b.c Examining data/pycryptodome-3.9.7+dfsg1/src/blake2s.c Examining data/pycryptodome-3.9.7+dfsg1/src/block_base.h Examining data/pycryptodome-3.9.7+dfsg1/src/block_common.c Examining data/pycryptodome-3.9.7+dfsg1/src/blowfish.c Examining data/pycryptodome-3.9.7+dfsg1/src/blowfish_init.c Examining data/pycryptodome-3.9.7+dfsg1/src/cast5.c Examining data/pycryptodome-3.9.7+dfsg1/src/chacha20.c Examining data/pycryptodome-3.9.7+dfsg1/src/common.h Examining data/pycryptodome-3.9.7+dfsg1/src/cpuid.c Examining data/pycryptodome-3.9.7+dfsg1/src/ec.h Examining data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c Examining data/pycryptodome-3.9.7+dfsg1/src/ec_ws_p256.c Examining data/pycryptodome-3.9.7+dfsg1/src/ec_ws_p384.c Examining data/pycryptodome-3.9.7+dfsg1/src/ec_ws_p521.c Examining data/pycryptodome-3.9.7+dfsg1/src/endianess.h Examining data/pycryptodome-3.9.7+dfsg1/src/errors.h Examining data/pycryptodome-3.9.7+dfsg1/src/ghash_clmul.c Examining data/pycryptodome-3.9.7+dfsg1/src/ghash_portable.c Examining data/pycryptodome-3.9.7+dfsg1/src/hash_SHA2_template.c Examining data/pycryptodome-3.9.7+dfsg1/src/keccak.c Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_argchk.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cfg.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_custom.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_des.c Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_macros.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_math.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_misc.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_pk.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_pkcs.h Examining data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_prng.h Examining data/pycryptodome-3.9.7+dfsg1/src/make_p256_table.c Examining data/pycryptodome-3.9.7+dfsg1/src/make_p384_table.c Examining data/pycryptodome-3.9.7+dfsg1/src/make_p521_table.c Examining data/pycryptodome-3.9.7+dfsg1/src/modexp.c Examining data/pycryptodome-3.9.7+dfsg1/src/modexp_utils.c Examining data/pycryptodome-3.9.7+dfsg1/src/modexp_utils.h Examining data/pycryptodome-3.9.7+dfsg1/src/mont.c Examining data/pycryptodome-3.9.7+dfsg1/src/mont.h Examining data/pycryptodome-3.9.7+dfsg1/src/multiply.h Examining data/pycryptodome-3.9.7+dfsg1/src/multiply_32.c Examining data/pycryptodome-3.9.7+dfsg1/src/multiply_64.c Examining data/pycryptodome-3.9.7+dfsg1/src/p256_table.c Examining data/pycryptodome-3.9.7+dfsg1/src/p384_table.c Examining data/pycryptodome-3.9.7+dfsg1/src/p521_table.c Examining data/pycryptodome-3.9.7+dfsg1/src/poly1305.c Examining data/pycryptodome-3.9.7+dfsg1/src/raw_cbc.c Examining data/pycryptodome-3.9.7+dfsg1/src/raw_cfb.c Examining data/pycryptodome-3.9.7+dfsg1/src/raw_ctr.c Examining data/pycryptodome-3.9.7+dfsg1/src/raw_ecb.c Examining data/pycryptodome-3.9.7+dfsg1/src/raw_ocb.c Examining data/pycryptodome-3.9.7+dfsg1/src/raw_ofb.c Examining data/pycryptodome-3.9.7+dfsg1/src/scrypt.c Examining data/pycryptodome-3.9.7+dfsg1/src/siphash.c Examining data/pycryptodome-3.9.7+dfsg1/src/siphash.h Examining data/pycryptodome-3.9.7+dfsg1/src/strxor.c Examining data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c Examining data/pycryptodome-3.9.7+dfsg1/src/test/test_ec_ws.c Examining data/pycryptodome-3.9.7+dfsg1/src/test/test_endianess.c Examining data/pycryptodome-3.9.7+dfsg1/src/test/test_mont.c FINAL RESULTS: data/pycryptodome-3.9.7+dfsg1/src/ARC2.c:83:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bkey, key, t); data/pycryptodome-3.9.7+dfsg1/src/CAST.c:274:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, in, 8); data/pycryptodome-3.9.7+dfsg1/src/CAST.c:280:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, in, 8); data/pycryptodome-3.9.7+dfsg1/src/MD2.c:101:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hs->buf+hs->count, buf, tc); data/pycryptodome-3.9.7+dfsg1/src/MD2.c:154:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(digest, temp.X, 16); data/pycryptodome-3.9.7+dfsg1/src/MD4.c:98:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hs->buf+hs->count, buf, tc); data/pycryptodome-3.9.7+dfsg1/src/MD5.c:246:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&hs->buf[hs->curlen], buf, btc); data/pycryptodome-3.9.7+dfsg1/src/MD5.c:356:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result, first_hmac, DIGEST_SIZE); data/pycryptodome-3.9.7+dfsg1/src/MD5.c:357:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(last_hmac, first_hmac, DIGEST_SIZE); data/pycryptodome-3.9.7+dfsg1/src/RIPEMD160.c:161:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hs->h, initial_h, RIPEMD160_DIGEST_SIZE); data/pycryptodome-3.9.7+dfsg1/src/RIPEMD160.c:273:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&hs->buf[hs->bufpos], in, bytes_needed); data/pycryptodome-3.9.7+dfsg1/src/RIPEMD160.c:284:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&hs->buf[hs->bufpos], in, len); data/pycryptodome-3.9.7+dfsg1/src/SHA1.c:276:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&hs->buf[hs->curlen], buf, btc); data/pycryptodome-3.9.7+dfsg1/src/SHA1.c:391:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result, first_hmac, DIGEST_SIZE); data/pycryptodome-3.9.7+dfsg1/src/SHA1.c:392:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(last_hmac, first_hmac, DIGEST_SIZE); data/pycryptodome-3.9.7+dfsg1/src/blake2.c:78:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hs->buf, key, key_size); data/pycryptodome-3.9.7+dfsg1/src/blake2.c:215:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&hs->buf[hs->buf_occ], in, tc); data/pycryptodome-3.9.7+dfsg1/src/blowfish.c:136:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(P_buf + P_idx, key, tc); data/pycryptodome-3.9.7+dfsg1/src/blowfish.c:179:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->S, S_init, sizeof S_init); data/pycryptodome-3.9.7+dfsg1/src/blowfish.c:180:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->P, P_init, sizeof P_init); data/pycryptodome-3.9.7+dfsg1/src/blowfish.c:245:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->S, S_init, sizeof S_init); data/pycryptodome-3.9.7+dfsg1/src/blowfish.c:246:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->P, P_init, sizeof P_init); data/pycryptodome-3.9.7+dfsg1/src/chacha20.c:164:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(h, state->h, sizeof state->h); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:189:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x, x1, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:190:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(y, y1, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:191:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(z, z1, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:289:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x1, x13, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:290:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(y1, y13, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:291:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(z1, z13, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:382:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x1, x13, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:383:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(y1, y13, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:384:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(z1, z13, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:386:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x2, x12, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:387:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(y2, y12, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/ec_ws.c:388:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(z2, z12, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:40:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, w, 4); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:52:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(w, p, 4); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:61:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, w, 4); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:73:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(w, p, 4); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:104:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, w, 8); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:120:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(w, p, 8); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:136:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, w, 8); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:152:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(w, p, 8); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:222:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf8 + (8 - bytes_in_msw), in, bytes_in_msw); data/pycryptodome-3.9.7+dfsg1/src/endianess.h:275:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, buf8+(8-partial), partial); data/pycryptodome-3.9.7+dfsg1/src/ghash_portable.c:150:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(y_out, y_in, 16); data/pycryptodome-3.9.7+dfsg1/src/hash_SHA2_template.c:360:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&hs->buf[hs->curlen], buf, btc); data/pycryptodome-3.9.7+dfsg1/src/hash_SHA2_template.c:419:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hash, hash_tmp, hs->digest_size); data/pycryptodome-3.9.7+dfsg1/src/hash_SHA2_template.c:484:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result, first_hmac, digest_size); data/pycryptodome-3.9.7+dfsg1/src/hash_SHA2_template.c:485:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(last_hmac, first_hmac, digest_size); data/pycryptodome-3.9.7+dfsg1/src/keccak.c:135:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self->buf + self->valid_bytes, in, tc); data/pycryptodome-3.9.7+dfsg1/src/keccak.c:188:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, self->buf + (self->rate - self->valid_bytes), tc); data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:28:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char K[33][16]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:68:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char S[32], start; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:81:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef unsigned char safer_block_t[LTC_SAFER_BLOCK_LEN]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:82:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef unsigned char safer_key_t[LTC_SAFER_KEY_LEN]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:114:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char key[10]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:222:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[MAXBLOCKSIZE], data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:240:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[MAXBLOCKSIZE]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:254:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[MAXBLOCKSIZE]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:276:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ctr[MAXBLOCKSIZE], data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:292:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[16], data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:305:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char PC[16][256][16]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_cipher.h:320:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char IV[MAXBLOCKSIZE], data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_custom.h:37:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #ifdef memcpy data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_custom.h:40:18: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define XMEMCPY memcpy data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_des.c:68:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char pc1[56] = { data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_des.c:75:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char totrot[16] = { data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_des.c:82:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char pc2[48] = { data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_des.c:1310:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pc1m[56], pcr[56]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_des.c:1691:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char key[8], txt[8], out[8]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_des.c:1797:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp[8]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_des.c:1831:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char key[24], pt[8], ct[8], tmp[8]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:6:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[128]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:14:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:22:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:30:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:38:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:46:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:52:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char chksum[16], X[48], buf[16]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:60:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:68:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:76:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:84:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:92:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[64]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:100:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char state[MAXBLOCKSIZE], buf[MAXBLOCKSIZE]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dummy[1]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_hash.h:361:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(md-> state_var .buf + md-> state_var.curlen, in, (size_t)n); \ data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h:32:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char block[MAXBLOCKSIZE], data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h:59:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char Ls[32][MAXBLOCKSIZE], /* L shifted by i bits to the left */ data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h:106:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char N[MAXBLOCKSIZE]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h:142:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char L[MAXBLOCKSIZE], /* L value */ data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h:236:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char H[16], /* multiplier */ data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h:251:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char PC[16][256][16] /* 16 tables of 8x128 */ data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h:297:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char state[16]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h:318:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char K[3][MAXBLOCKSIZE], data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_mac.h:350:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char akey[MAXBLOCKSIZE], data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_prng.h:5:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pool[MAXBLOCKSIZE]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_prng.h:14:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[256]; data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_prng.h:24:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char K[32], /* the current key */ data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_prng.h:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dummy[1]; data/pycryptodome-3.9.7+dfsg1/src/make_p256_table.c:71:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xw, xz, sizeof xw); data/pycryptodome-3.9.7+dfsg1/src/make_p256_table.c:72:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(yw, yz, sizeof yw); data/pycryptodome-3.9.7+dfsg1/src/make_p256_table.c:75:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xw, window[j]->x, sizeof xw); data/pycryptodome-3.9.7+dfsg1/src/make_p256_table.c:76:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(yw, window[j]->y, sizeof yw); data/pycryptodome-3.9.7+dfsg1/src/make_p384_table.c:71:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xw, xz, sizeof xw); data/pycryptodome-3.9.7+dfsg1/src/make_p384_table.c:72:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(yw, yz, sizeof yw); data/pycryptodome-3.9.7+dfsg1/src/make_p384_table.c:75:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xw, window[j]->x, sizeof xw); data/pycryptodome-3.9.7+dfsg1/src/make_p384_table.c:76:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(yw, window[j]->y, sizeof yw); data/pycryptodome-3.9.7+dfsg1/src/make_p521_table.c:71:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xw, xz, sizeof xw); data/pycryptodome-3.9.7+dfsg1/src/make_p521_table.c:72:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(yw, yz, sizeof yw); data/pycryptodome-3.9.7+dfsg1/src/make_p521_table.c:75:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(xw, window[j]->x, sizeof xw); data/pycryptodome-3.9.7+dfsg1/src/make_p521_table.c:76:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(yw, window[j]->y, sizeof yw); data/pycryptodome-3.9.7+dfsg1/src/modexp_utils.c:28:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(seed_out, buffer, out_len); data/pycryptodome-3.9.7+dfsg1/src/modexp_utils.c:202:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, s); data/pycryptodome-3.9.7+dfsg1/src/modexp_utils.c:234:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((uint8_t*)out + offset, cache_line + piece_len*obf, MIN(piece_len, remaining)); data/pycryptodome-3.9.7+dfsg1/src/mont.c:1130:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, ctx->r_mod_n, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/mont.c:1139:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, tmp1, ctx->bytes); data/pycryptodome-3.9.7+dfsg1/src/mont.c:1314:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->r2_mod_n, ctx->one, ctx->words * sizeof(uint64_t)); data/pycryptodome-3.9.7+dfsg1/src/mont.c:1332:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->r_mod_n, ctx->one, ctx->words * sizeof(uint64_t)); data/pycryptodome-3.9.7+dfsg1/src/multiply_32.c:158:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t32, t, sizeof(uint64_t)*t_nw); data/pycryptodome-3.9.7+dfsg1/src/multiply_32.c:159:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(a32, a, sizeof(uint64_t)*a_nw); data/pycryptodome-3.9.7+dfsg1/src/multiply_32.c:177:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, t32, sizeof(uint64_t)*t_nw); data/pycryptodome-3.9.7+dfsg1/src/multiply_32.c:263:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(a32, a, sizeof(uint64_t)*nw); data/pycryptodome-3.9.7+dfsg1/src/multiply_32.c:274:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, t32, 2*sizeof(uint64_t)*nw); data/pycryptodome-3.9.7+dfsg1/src/poly1305.c:91:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, data, len); data/pycryptodome-3.9.7+dfsg1/src/poly1305.c:249:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&a, h, 16); data/pycryptodome-3.9.7+dfsg1/src/poly1305.c:250:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&b, m, 16); data/pycryptodome-3.9.7+dfsg1/src/poly1305.c:252:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(h, &c, 16); data/pycryptodome-3.9.7+dfsg1/src/poly1305.c:377:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->buffer + state->buffer_used, in, btc); data/pycryptodome-3.9.7+dfsg1/src/raw_cbc.c:67:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((*pResult)->iv, iv, iv_len); data/pycryptodome-3.9.7+dfsg1/src/raw_cbc.c:88:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iv, cbcState->iv, block_len); data/pycryptodome-3.9.7+dfsg1/src/raw_cbc.c:100:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iv, out, block_len); data/pycryptodome-3.9.7+dfsg1/src/raw_cbc.c:106:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cbcState->iv, iv, block_len); data/pycryptodome-3.9.7+dfsg1/src/raw_cbc.c:130:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iv, cbcState->iv, block_len); data/pycryptodome-3.9.7+dfsg1/src/raw_cbc.c:142:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iv, in, block_len); data/pycryptodome-3.9.7+dfsg1/src/raw_cbc.c:148:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cbcState->iv, iv, block_len); data/pycryptodome-3.9.7+dfsg1/src/raw_cfb.c:96:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->next_iv, iv + segment_len, iv_len - segment_len); data/pycryptodome-3.9.7+dfsg1/src/raw_cfb.c:150:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(segment, (direction == DirEncrypt ? out : in) - keyStreamToUse, keyStreamToUse); data/pycryptodome-3.9.7+dfsg1/src/raw_ctr.c:103:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(current, counter_block0, block_len); data/pycryptodome-3.9.7+dfsg1/src/raw_ctr.c:107:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(current, current - block_len, block_len); data/pycryptodome-3.9.7+dfsg1/src/raw_ocb.c:127:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->offset_P, offset_0, BLOCK_SIZE); data/pycryptodome-3.9.7+dfsg1/src/raw_ocb.c:286:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pt, in, in_len); data/pycryptodome-3.9.7+dfsg1/src/raw_ofb.c:73:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((*pResult)->keyStream, iv, iv_len); data/pycryptodome-3.9.7+dfsg1/src/raw_ofb.c:100:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(oldKeyStream, ofbState->keyStream, block_len); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:18:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r1, prod_high, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:19:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r2, prod_low, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:21:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &r3, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:34:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r1, zeroes, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:36:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &r2, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:53:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r1, in, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:55:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &r2, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:69:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r1, in, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:71:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &r2, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:85:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r1, in, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:87:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, &r2, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:103:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r1, in_a, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:104:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r2, in_b, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:106:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_hi, &r3, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:107:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_lo, &r4, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:116:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_hi, &r3, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:117:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_lo, &r4, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:138:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r1, in_a, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:139:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r2, in_b, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:142:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_hi, &r3, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:143:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_lo, &r4, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:152:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_hi, &r3, 16); data/pycryptodome-3.9.7+dfsg1/src/test/test_clmul.c:153:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_lo, &r4, 16); data/pycryptodome-3.9.7+dfsg1/src/common.h:170:12: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. return memalign(boundary, size); data/pycryptodome-3.9.7+dfsg1/src/libtom/tomcrypt_prng.h:95:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). unsigned long (*read)(unsigned char *out, unsigned long outlen, prng_state *prng); ANALYSIS SUMMARY: Hits = 170 Lines analyzed = 48379 in approximately 1.69 seconds (28606 lines/second) Physical Source Lines of Code (SLOC) = 41404 Hits@level = [0] 130 [1] 2 [2] 168 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 300 [1+] 170 [2+] 168 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 7.24568 [1+] 4.10588 [2+] 4.05758 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.