Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tcplay-1.1/crc32.c
Examining data/tcplay-1.1/crc32.h
Examining data/tcplay-1.1/crypto-dev.c
Examining data/tcplay-1.1/crypto-gcrypt.c
Examining data/tcplay-1.1/crypto.c
Examining data/tcplay-1.1/generic_xts.c
Examining data/tcplay-1.1/generic_xts.h
Examining data/tcplay-1.1/hdr.c
Examining data/tcplay-1.1/humanize.c
Examining data/tcplay-1.1/humanize.h
Examining data/tcplay-1.1/io.c
Examining data/tcplay-1.1/main.c
Examining data/tcplay-1.1/pbkdf2-gcrypt.c
Examining data/tcplay-1.1/pbkdf2-openssl.c
Examining data/tcplay-1.1/safe_mem.c
Examining data/tcplay-1.1/tcplay_api.h
Examining data/tcplay-1.1/tcplay_api_test.c
Examining data/tcplay-1.1/tcplay.h
Examining data/tcplay-1.1/tcplay_api.c
Examining data/tcplay-1.1/tcplay.c
FINAL RESULTS:
data/tcplay-1.1/tcplay.c:87:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(tc_internal_log_buffer, LOG_BUFFER_SZ, fmt, ap);
data/tcplay-1.1/tcplay.c:889:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(passphrase_out, pass);
data/tcplay-1.1/tcplay.c:1560:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ciphers, crypto_algo->name);
data/tcplay-1.1/tcplay.c:1664:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dev, info->dev);
data/tcplay-1.1/tcplay.c:1705:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(map, mapname);
data/tcplay-1.1/tcplay.c:1707:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map, "%s.%d", mapname, j);
data/tcplay-1.1/tcplay.c:1782:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(params, 512, "%s %s %"PRIu64 " %s %"PRIu64,
data/tcplay-1.1/tcplay.c:1826:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dev, "/dev/mapper/%s.%d", mapname, j);
data/tcplay-1.1/tcplay.c:1878:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map, "%s.%d", mapname, i);
data/tcplay-1.1/tcplay_api_test.c:50:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("dmsetup ls");
data/tcplay-1.1/main.c:245:15: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt_long(argc, argv, "a:b:cd:ef:ghij:k:m:s:u:vwx:y:z",
data/tcplay-1.1/crypto-dev.c:109:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cryptodev_fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
data/tcplay-1.1/crypto-gcrypt.c:178:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, in, len);
data/tcplay-1.1/crypto.c:72:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dummy_chain->key,
data/tcplay-1.1/crypto.c:75:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dummy_chain->key + dummy_chain->cipher->klen/2,
data/tcplay-1.1/hdr.c:57:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[128];
data/tcplay-1.1/hdr.c:136:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[128];
data/tcplay-1.1/hdr.c:206:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dhdr->tc_str, "TRUE", 4);
data/tcplay-1.1/hdr.c:281:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[128];
data/tcplay-1.1/humanize.c:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/tcplay-1.1/io.c:57:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0) {
data/tcplay-1.1/io.c:120:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open((weak) ? "/dev/urandom" : "/dev/random", O_RDONLY)) < 0) {
data/tcplay-1.1/io.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ERASE_BUFFER_SIZE];
data/tcplay-1.1/io.c:189:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd_rand = open("/dev/urandom", O_RDONLY)) < 0) {
data/tcplay-1.1/io.c:194:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(dev, O_WRONLY)) < 0) {
data/tcplay-1.1/io.c:252:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(dev, O_RDONLY)) < 0) {
data/tcplay-1.1/io.c:278:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(dev, O_RDONLY)) < 0) {
data/tcplay-1.1/io.c:333:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mem_buf + internal_off, mem, bytes);
data/tcplay-1.1/io.c:336:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(dev, O_WRONLY)) < 0) {
data/tcplay-1.1/main.c:213:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *keyfiles[MAX_KEYFILES];
data/tcplay-1.1/main.c:214:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *h_keyfiles[MAX_KEYFILES];
data/tcplay-1.1/main.c:215:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *new_keyfiles[MAX_KEYFILES];
data/tcplay-1.1/safe_mem.c:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sig[8]; /* SAFEMEM */
data/tcplay-1.1/safe_mem.c:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sig[8]; /* SAFEMEM */
data/tcplay-1.1/safe_mem.c:77:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(hdr->sig, "SAFEMEM");
data/tcplay-1.1/safe_mem.c:78:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tail->sig, "SAFEMEM");
data/tcplay-1.1/tcplay.c:71:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tc_internal_log_buffer[LOG_BUFFER_SZ];
data/tcplay-1.1/tcplay.c:213:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elem, src, sizeof(*elem));
data/tcplay-1.1/tcplay.c:222:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elem->key, src->key, src->cipher->klen);
data/tcplay-1.1/tcplay.c:284:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char sbuf[256];
data/tcplay-1.1/tcplay.c:395:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&cipher_chain->dm_key[i*2], "%02x",
data/tcplay-1.1/tcplay.c:529:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/tcplay-1.1/tcplay.c:676:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%zu bytes", (blocks * blksz));
data/tcplay-1.1/tcplay.c:1341:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/tcplay-1.1/tcplay.c:1512:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map[PATH_MAX];
data/tcplay-1.1/tcplay.c:1513:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ciphers[512];
data/tcplay-1.1/tcplay.c:1645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *uu_stack[64];
data/tcplay-1.1/tcplay.c:1653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev[PATH_MAX];
data/tcplay-1.1/tcplay.c:1654:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map[PATH_MAX];
data/tcplay-1.1/tcplay.c:1868:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map[PATH_MAX];
data/tcplay-1.1/tcplay.c:1914:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ciphers[8];
data/tcplay-1.1/tcplay.h:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dm_key[MAX_KEYSZ*2 + 1];
data/tcplay-1.1/tcplay.h:106:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char salt[SALT_LEN]; /* Salt for PBKDF */
data/tcplay-1.1/tcplay.h:107:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char enc[448]; /* Encrypted part of the header */
data/tcplay-1.1/tcplay.h:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tc_str[4]; /* ASCII string "TRUE" */
data/tcplay-1.1/tcplay.h:129:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unused3[120];
data/tcplay-1.1/tcplay.h:131:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keys[256];
data/tcplay-1.1/tcplay.h:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev[PATH_MAX];
data/tcplay-1.1/tcplay.h:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAX_KEYSZ*2 + 1];
data/tcplay-1.1/tcplay.h:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[PATH_MAX]; /* Underlying device */
data/tcplay-1.1/tcplay.h:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target[256]; /* DM Target type */
data/tcplay-1.1/tcplay.h:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cipher[256]; /* Cipher */
data/tcplay-1.1/tcplay_api.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tc_device[1024];
data/tcplay-1.1/tcplay_api.h:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tc_cipher[256];
data/tcplay-1.1/tcplay_api.h:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tc_prf[64];
data/tcplay-1.1/crypto.c:216:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pl = strlen((char *)pass);
data/tcplay-1.1/humanize.c:85:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/tcplay-1.1/io.c:72:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((r = read(fd, mem, *sz)) <= 0) {
data/tcplay-1.1/io.c:137:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((r = read(fd, buf+rd, sz)) < 0) {
data/tcplay-1.1/io.c:212:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((r = read(fd_rand, buf, sz)) < 0) {
data/tcplay-1.1/io.c:419:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(fd, pass, bufsz-1);
data/tcplay-1.1/io.c:427:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pass) > MAX_PASSSZ)
data/tcplay-1.1/tcplay.c:369:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->dev, dev, sizeof(info->dev));
data/tcplay-1.1/tcplay.c:592:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pass, passphrase, MAX_PASSSZ);
data/tcplay-1.1/tcplay.c:640:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(h_pass, h_passphrase, MAX_PASSSZ);
data/tcplay-1.1/tcplay.c:690:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf)-1] = '\0';
data/tcplay-1.1/tcplay.c:755:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(nkeyfiles > 0)?MAX_PASSSZ:strlen(pass),
data/tcplay-1.1/tcplay.c:765:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(n_hkeyfiles > 0)?MAX_PASSSZ:strlen(h_pass), h_prf_algo,
data/tcplay-1.1/tcplay.c:883:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pass, passphrase, MAX_PASSSZ);
data/tcplay-1.1/tcplay.c:918:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(h_pass, passphrase_hidden, MAX_PASSSZ);
data/tcplay-1.1/tcplay.c:963:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(nkeyfiles > 0)?MAX_PASSSZ:strlen(pass),
data/tcplay-1.1/tcplay.c:974:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(nkeyfiles > 0)?MAX_PASSSZ:strlen(pass), hehdr,
data/tcplay-1.1/tcplay.c:979:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(n_hkeyfiles > 0)?MAX_PASSSZ:strlen(h_pass), hehdr,
data/tcplay-1.1/tcplay.c:1214:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pass, new_passphrase, MAX_PASSSZ);
data/tcplay-1.1/tcplay.c:1229:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(n_newkeyfiles > 0)?MAX_PASSSZ:strlen(pass),
data/tcplay-1.1/tcplay.c:1365:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(((strncmp(ent->d_name, "dm-", 3) == 0) && strlen(ent->d_name) <= 5)))
data/tcplay-1.1/tcplay.c:1433:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tc_table->target, target_type,
data/tcplay-1.1/tcplay.c:1449:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tc_table->cipher, p1,
data/tcplay-1.1/tcplay.c:1523:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(map, map_name, PATH_MAX);
data/tcplay-1.1/tcplay.c:1561:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ciphers, ",");
data/tcplay-1.1/tcplay.c:1563:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ciphers[strlen(ciphers)-1] = '\0';
data/tcplay-1.1/tcplay.c:1572:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->dev, dm_table[outermost]->device, sizeof(info->dev));
data/tcplay-1.1/tcplay.c:1951:27: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if ((k == nciphers) && !mismatch) {
data/tcplay-1.1/tcplay_api.c:241:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vol_info->tc_prf, info->pbkdf_prf->name, sizeof(vol_info->tc_prf));
data/tcplay-1.1/tcplay_api.c:245:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vol_info->tc_device, info->dev, sizeof(vol_info->tc_device));
data/tcplay-1.1/tcplay_api.c:273:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(vol_info->tc_prf, "(unknown)", sizeof(vol_info->tc_prf));
data/tcplay-1.1/tcplay_api.c:277:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vol_info->tc_device, info->dev, sizeof(vol_info->tc_device));
ANALYSIS SUMMARY:
Hits = 97
Lines analyzed = 5638 in approximately 0.19 seconds (29427 lines/second)
Physical Source Lines of Code (SLOC) = 4088
Hits@level = [0] 79 [1] 32 [2] 54 [3] 1 [4] 10 [5] 0
Hits@level+ = [0+] 176 [1+] 97 [2+] 65 [3+] 11 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 43.0528 [1+] 23.728 [2+] 15.9002 [3+] 2.6908 [4+] 2.44618 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.