Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tgl-2.0.1+git20160323.ffb04cac/auto-static-autocomplete.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/mtproto-key.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/structures.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/auto-static-fetch.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/no-preview.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-timers.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/updates.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/rand_openssl.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/rsa_pem.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/rsa_pem_altern.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/bn_openssl.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/sha.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/sha_altern.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/md5_openssl.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/err.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/md5.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_openssl.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/rand.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/bn.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/md5_altern.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/bn_altern.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/sha_openssl.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/err_altern.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/rand_altern.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/err_openssl.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/meta.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/crypto/rsa_pem_openssl.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-net.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tools.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-methods-in.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-fetch.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-timers.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/mtproto-key.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-structures.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/event-old.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/tree.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-net.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/generate.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/mime-types.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/auto-static-print-ds.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/auto-static.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-queries.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/tools.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/updates.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/auto.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/tg-mime-types.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/auto-static-store.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/queries.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-net-inner.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/tg-mime-types.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/binlog.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-inner.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/queries.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-layout.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/mtproto-utils.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/mtproto-utils.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/auto-static-skip.c
Examining data/tgl-2.0.1+git20160323.ffb04cac/tgl-binlog.h
Examining data/tgl-2.0.1+git20160323.ffb04cac/generate.c
FINAL RESULTS:
data/tgl-2.0.1+git20160323.ffb04cac/auto-static-fetch.c:17:20: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
out_buf_pos += snprintf (out_buf + out_buf_pos, OUT_BUF_SIZE - out_buf_pos, __VA_ARGS__);\
data/tgl-2.0.1+git20160323.ffb04cac/auto-static-print-ds.c:18:20: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
out_buf_pos += snprintf (out_buf + out_buf_pos, OUT_BUF_SIZE - out_buf_pos, __VA_ARGS__);\
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:2951:66: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void logprintf (const char *format, ...) __attribute__ ((format (printf, 1, 2)));
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:539:115: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void tgl_set_query_error (struct tgl_state *TLS, int error_code, const char *format, ...) __attribute__ ((format (printf, 3, 4)));
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:545:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (s, 1000, format, ap);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4755:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (s + l, pwd[0]);
data/tgl-2.0.1+git20160323.ffb04cac/tg-mime-types.c:93:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (s, p);
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:95:66: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void logprintf (const char *format, ...) __attribute__ ((format (printf, 1, 2), weak));
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:99:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stdout, format, ap);
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:110:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int r = vsnprintf (buf, len, format, ap);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:3015:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((i = getopt (argc, argv, "vhHg:")) != -1) {
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:93:21: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
*(long *)buf ^= lrand48 ();
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:530:101: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void tgl_do_send_accept_encr_chat (struct tgl_state *TLS, struct tgl_secret_chat *E, unsigned char *random, void (*callback)(struct tgl_state *TLS,void *callback_extra, int success, struct tgl_secret_chat *E), void *callback_extra) {
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:550:5: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random[i] ^= random_here[i];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:552:32: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
TGLC_bn *b = TGLC_bn_bin2bn (random, 256, 0);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:644:83: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void tgl_do_send_create_encr_chat (struct tgl_state *TLS, void *x, unsigned char *random, void (*callback)(struct tgl_state *TLS, void *callback_extra, int success, struct tgl_secret_chat *E), void *callback_extra) {
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:650:5: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random[i] ^= random_here[i];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:652:32: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
TGLC_bn *a = TGLC_bn_bin2bn (random, 256, 0);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:683:59: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
bl_do_encr_chat (TLS, t, NULL, NULL, &our_id, &user_id, random, NULL, NULL, &state, NULL, NULL, NULL, NULL, NULL, NULL, TGLPF_CREATE | TGLPF_CREATED, NULL, 0);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:758:11: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
memcpy (random, DS_MDC->random->data, 256);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:762:85: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
((void (*)(struct tgl_state *, void *, void *, void *, void *))(*x))(TLS, x[1], random, q->callback, q->callback_extra);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:764:19: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
tfree_secure (random, 256);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:766:19: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
tfree_secure (random, 256);
data/tgl-2.0.1+git20160323.ffb04cac/auto-static-fetch.c:12:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char out_buf[OUT_BUF_SIZE];
data/tgl-2.0.1+git20160323.ffb04cac/auto-static-print-ds.c:13:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char out_buf[OUT_BUF_SIZE];
data/tgl-2.0.1+git20160323.ffb04cac/auto-static-store.c:95:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char exp_buffer[1 << 25];;
data/tgl-2.0.1+git20160323.ffb04cac/auto-static-store.c:219:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (R->type, P->type, sizeof (*P->type));
data/tgl-2.0.1+git20160323.ffb04cac/auto-static.c:120:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (R->type, P->type, sizeof (*P->type));
data/tgl-2.0.1+git20160323.ffb04cac/auto-static.c:166:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char exp_buffer[1 << 25];;
data/tgl-2.0.1+git20160323.ffb04cac/auto.h:50:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (r, d, len);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:108:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (TLS->DC_list[num]->auth_key, buf, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:110:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:138:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (TLS->encr_prime, prime, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:519:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:522:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (P->encr_chat.exchange_key, key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:525:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (P->encr_chat.exchange_key, key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:531:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (P->encr_chat.exchange_key, P->encr_chat.key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:534:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (P->encr_chat.key, key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:542:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (P->encr_chat.key, P->encr_chat.exchange_key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:549:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (P->encr_chat.key, P->encr_chat.exchange_key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:855:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[100];
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:867:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (U->g_key, g_key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:871:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (U->key, key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:875:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (U->first_key_sha, first_key_id, 20);
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes.h:29:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _dummy[
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:42:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char check_struct_sizes[(sizeof (TGLC_aes_key) == AES_KEY_BYTES) - 1];
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:46:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (key->_dummy, userKey, AES_KEY_BYTES);
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:70:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2 * 16];
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:73:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (prev_x, ivec + 16, 16);
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:78:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[16];
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:81:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (cur_x, in, 16);
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:100:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ivec + 16, prev_x, 16);
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:101:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ivec, prev_y, 16);
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:109:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2 * 16];
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:112:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (prev_y, ivec, 16);
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:117:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[16];
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_altern.c:120:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (cur_y, in, 16);
data/tgl-2.0.1+git20160323.ffb04cac/crypto/aes_openssl.c:30:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char check_struct_sizes[(sizeof (AES_KEY) == sizeof (TGLC_aes_key)) - 1];
data/tgl-2.0.1+git20160323.ffb04cac/crypto/bn_altern.c:111:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[sizeof (unsigned long)];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:61:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return memcpy (new, s, len);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:112:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1 << 20];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:346:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (cur_name + L, "->params[%d]", i);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:358:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (cur_name + L, "->params[0]");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:362:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (cur_name + L, "->params[1]");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1145:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[20];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1146:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (s, "field%d", num);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1173:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[20];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1174:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (s, "field%d", num);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1190:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[10000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1239:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[10000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1299:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[10000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1366:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[10000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1430:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[10000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1498:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[10000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1551:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[10000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1601:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[10000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:2220:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[1000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:2288:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *gen_what[1000];
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:3037:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open (argv[optind], O_RDONLY | O_BINARY);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:94:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen (public_key_name, "r");
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:131:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int encrypt_packet_buffer_aes_unauth (const char server_nonce[16], const char hidden_client_nonce[32]) {
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:131:81: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int encrypt_packet_buffer_aes_unauth (const char server_nonce[16], const char hidden_client_nonce[32]) {
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:310:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char s_power[256];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:508:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char sha1_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:584:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char th[44], sha1_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:585:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (th, DC->new_nonce, 32);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:592:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (th + 33, sha1_buffer, 8);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:621:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (DC->temp_auth_key, DC->auth_key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:718:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sha1_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:726:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (enc->msg_key, sha1_buffer + 4, 16);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:744:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (enc_msg.message, msg, msg_ints * 4);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:769:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (enc_msg.message, msg, msg_ints * 4);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:777:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (data, &enc_msg, l + UNENCSZ);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:1084:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:1153:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char Response[MAX_RESPONSE_SIZE];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-client.c:1222:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (DC->temp_auth_key, DC->auth_key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:69:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int r = 0, h = open ("/dev/random", O_RDONLY | O_NONBLOCK);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:81:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
h = open ("/dev/urandom", O_RDONLY);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:148:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rb[32];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:155:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open (password_filename, O_RDONLY | O_BINARY);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:206:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tempbuff[4096];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:207:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha[20];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:227:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest, str, len);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:263:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (packet_ptr, data, len);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:340:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char aes_key_raw[32], aes_iv[32];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:343:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void tgl_init_aes_unauth (const char server_nonce[16], const char hidden_client_nonce[32], int encrypt) {
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:343:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void tgl_init_aes_unauth (const char server_nonce[16], const char hidden_client_nonce[32], int encrypt) {
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:344:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buffer[64], hash[20];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:345:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer, hidden_client_nonce, 32);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:346:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer + 32, server_nonce, 16);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:348:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer + 32, hidden_client_nonce, 32);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:350:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer, server_nonce, 16);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:351:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer + 16, hidden_client_nonce, 32);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:353:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_key_raw + 20, hash, 12);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:354:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_iv, hash + 12, 8);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:355:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_iv + 28, hidden_client_nonce, 4);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:364:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void tgl_init_aes_auth (char auth_key[192], char msg_key[16], int encrypt) {
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:364:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void tgl_init_aes_auth (char auth_key[192], char msg_key[16], int encrypt) {
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:365:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buffer[48], hash[20];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:372:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:373:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer + 16, auth_key, 32);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:375:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_key_raw, hash, 8);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:376:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_iv, hash + 8, 12);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:378:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer, auth_key + 32, 16);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:379:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer + 16, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:380:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer + 32, auth_key + 48, 16);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:382:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_key_raw + 8, hash + 8, 12);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:383:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_iv + 12, hash, 8);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:385:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer, auth_key + 64, 32);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:386:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer + 32, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:388:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_key_raw + 20, hash + 4, 12);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:389:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_iv + 20, hash + 16, 4);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:391:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:392:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer + 16, auth_key + 96, 32);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:394:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (aes_iv + 24, hash, 8);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_key[16];
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:138:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (packet_ptr, what, len * 4);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:230:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (r, s, i);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:245:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (*s, r, l);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:318:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (data, in_ptr, size);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:323:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (data, in_ptr, size);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:344:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (data, in_ptr, 4 * count);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:353:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 256 - l, s, l);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:356:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, s + (l - 256), 256);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:374:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void tgl_init_aes_unauth (const char server_nonce[16], const char hidden_client_nonce[32], int encrypt);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:374:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void tgl_init_aes_unauth (const char server_nonce[16], const char hidden_client_nonce[32], int encrypt);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:375:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void tgl_init_aes_auth (char auth_key[192], char msg_key[16], int encrypt);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:375:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void tgl_init_aes_auth (char auth_key[192], char msg_key[16], int encrypt);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:9:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1a_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:10:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1b_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:11:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1c_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:12:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1d_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:16:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (msg_key, sha1a_buffer + 4, 16);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:18:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[64];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:19:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:20:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 16, E->key, 32);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:23:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, E->key + 8, 16);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:24:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 16, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:25:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 32, E->key + 12, 16);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:28:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, E->key + 16, 32);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:29:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 32, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:32:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:33:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 16, E->key + 24, 32);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:36:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char key[32];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:37:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (key, sha1a_buffer + 0, 8);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:38:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (key + 8, sha1b_buffer + 8, 12);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:39:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (key + 20, sha1c_buffer + 4, 12);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:41:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char iv[32];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:42:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (iv, sha1a_buffer + 8, 12);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:43:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (iv + 12, sha1b_buffer + 0, 8);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:44:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (iv + 20, sha1c_buffer + 16, 4);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:45:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (iv + 24, sha1d_buffer + 0, 8);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:79:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (encr_extra, encrypt_decrypted_message (E), 16);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:424:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md5[16];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:425:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char str[64];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:426:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (str, f->key, 32);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:427:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (str + 32, f->init_iv, 32);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:547:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char random_here[256];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:565:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char kk[256];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:568:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:595:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[256];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:623:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (t, U->key, 256);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:628:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:636:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (U->first_key_sha, sha_buffer, 20);
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:647:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char random_here[256];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:669:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char g_a[256];
data/tgl-2.0.1+git20160323.ffb04cac/queries-encrypted.c:758:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (random, DS_MDC->random->data, 256);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:232:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (q->data, data, 4 * ints);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:499:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[32];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:515:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[4096];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:524:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[4096];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:532:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[4096];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:541:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[1001];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:716:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (r + 1, text + p + 9, len);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:792:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (n, new_text, cur_p);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:1258:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open (file_name, O_RDONLY | O_BINARY);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:1266:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[(1 << 20) + 1];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:2037:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[512 << 10];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:2082:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open (file_name, O_RDONLY | O_BINARY);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:2161:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (f->init_iv, f->iv, 32);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:3118:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
D->fd = open (D->name, O_CREAT | O_WRONLY | O_BINARY, 0640);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:3202:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:3382:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (D->iv, V->iv, 32);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:3391:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md5[16];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:3392:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char str[64];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:3393:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (str, V->key, 32);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:3394:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (str + 32, V->iv, 32);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:3940:77: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int tgl_do_visualize_key (struct tgl_state *TLS, tgl_peer_id_t id, unsigned char buf[16]) {
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:3948:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, P->encr_chat.first_key_sha, 16);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4547:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[512];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4548:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char shab[32];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4558:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s, current_salt, current_salt_len);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4559:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s + current_salt_len, current_password, current_password_len);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4560:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s + current_salt_len + current_password_len, current_salt, current_salt_len);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4572:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char d[256];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4573:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (d, new_salt, new_salt_len);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4578:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s, d, l);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4580:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s + l, new_password, new_password_len);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4581:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s + l + new_password_len, d, l);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4678:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[512];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4742:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[512];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4743:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char shab[32];
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4752:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s, E->current_salt, l);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4757:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (s + l + r, E->current_salt, l);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4787:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[512];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:95:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *d[4];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:97:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[10000];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:397:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dst, src + src_len - 256, 256);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:400:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dst + 256 - src_len, src, src_len);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:406:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dst, src + src_len - 32, 32);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:409:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dst + 32 - src_len, src, src_len);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:444:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char g_key[256];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1629:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1a_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1630:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1b_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1631:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1c_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1632:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sha1d_buffer[20];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1634:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[64];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1638:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1639:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 16, e_key, 32);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1642:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, e_key + 8, 16);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1643:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 16, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1644:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 32, e_key + 12, 16);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1647:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, e_key + 16, 32);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1648:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 32, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1651:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, msg_key, 16);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1652:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + 16, e_key + 24, 32);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1655:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char key[32];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1656:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (key, sha1a_buffer + 0, 8);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1657:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (key + 8, sha1b_buffer + 8, 12);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1658:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (key + 20, sha1c_buffer + 4, 12);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1660:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char iv[32];
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1661:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (iv, sha1a_buffer + 8, 12);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1662:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (iv + 12, sha1b_buffer + 0, 8);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1663:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (iv + 20, sha1c_buffer + 16, 4);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:1664:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (iv + 24, sha1d_buffer + 0, 8);
data/tgl-2.0.1+git20160323.ffb04cac/tg-mime-types.c:9:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *mime_type_names[MAX_MIME_TYPES_NUM];
data/tgl-2.0.1+git20160323.ffb04cac/tg-mime-types.c:10:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *mime_type_extensions[MAX_MIME_TYPES_NUM];
data/tgl-2.0.1+git20160323.ffb04cac/tg-mime-types.c:92:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[11];
data/tgl-2.0.1+git20160323.ffb04cac/tgl-layout.h:170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char auth_key[256];
data/tgl-2.0.1+git20160323.ffb04cac/tgl-layout.h:171:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_auth_key[256];
data/tgl-2.0.1+git20160323.ffb04cac/tgl-layout.h:172:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nonce[256];
data/tgl-2.0.1+git20160323.ffb04cac/tgl-layout.h:173:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_nonce[256];
data/tgl-2.0.1+git20160323.ffb04cac/tgl-layout.h:174:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server_nonce[256];
data/tgl-2.0.1+git20160323.ffb04cac/tgl-layout.h:470:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char first_key_sha[20];
data/tgl-2.0.1+git20160323.ffb04cac/tgl-net.c:144:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (c->out_tail->wptr, data, len);
data/tgl-2.0.1+git20160323.ffb04cac/tgl-net.c:151:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (c->out_tail->wptr, data, y);
data/tgl-2.0.1+git20160323.ffb04cac/tgl-net.c:176:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (data, c->in_head->rptr, len);
data/tgl-2.0.1+git20160323.ffb04cac/tgl-net.c:181:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (data, c->in_head->rptr, y);
data/tgl-2.0.1+git20160323.ffb04cac/tgl-net.c:209:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (data, b->rptr, len);
data/tgl-2.0.1+git20160323.ffb04cac/tgl-net.c:212:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (data, b->rptr, y);
data/tgl-2.0.1+git20160323.ffb04cac/tgl-queries.h:165:84: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int tgl_do_visualize_key (struct tgl_state *TLS, tgl_secret_chat_id_t id, unsigned char buf[16]);
data/tgl-2.0.1+git20160323.ffb04cac/tgl.h:207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rsa_key_list[TGL_MAX_RSA_KEYS_NUM];
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:123:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (rs, *res, strlen (*res) + 1);
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:169:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p, ptr, size >= old_size ? old_size : size);
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:215:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p, s, l + 1);
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:223:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p, s, l);
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:230:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (r, s, n);
data/tgl-2.0.1+git20160323.ffb04cac/auto-static-autocomplete.c:57:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (text);
data/tgl-2.0.1+git20160323.ffb04cac/auto-static.c:312:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (text);
data/tgl-2.0.1+git20160323.ffb04cac/binlog.c:57:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int)strlen (a) != l) { return 1; }
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:335:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int L = strlen (cur_name);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:546:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id) && !empty) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:626:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id) > 0 && !empty) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:627:150: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf ("%sif (cur_token_len >= 0 && cur_token_len == %d && !cur_token_quoted && !memcmp (cur_token, \"%s\", cur_token_len)) {\n", offset, (int)(strlen (arg->id)), arg->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:707:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id) > 0 && !empty) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:708:161: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf ("%sif (cur_token_len == -3 && cur_token_real_len <= %d && !cur_token_quoted && !memcmp (cur_token, \"%s\", cur_token_real_len)) {\n", offset, (int)(strlen (arg->id)), arg->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:713:129: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf ("%sif (cur_token_len >= 0 && cur_token_len == %d && !memcmp (cur_token, \"%s\", cur_token_len)) {\n", offset, (int)(strlen (arg->id)), arg->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:798:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:825:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:846:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:855:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:888:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:913:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:929:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:936:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:966:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:996:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1012:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1039:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id) && !empty) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1049:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1078:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1098:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1129:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id) > 0) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1130:161: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf ("%sif (cur_token_len == -3 && cur_token_real_len <= %d && !cur_token_quoted && !memcmp (cur_token, \"%s\", cur_token_real_len)) {\n", offset, (int)(strlen (arg->id)), arg->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1135:129: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf ("%sif (cur_token_len >= 0 && cur_token_len == %d && !memcmp (cur_token, \"%s\", cur_token_len)) {\n", offset, (int)(strlen (arg->id)), arg->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1163:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg->id && strlen (arg->id) > 0) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1164:150: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf ("%sif (cur_token_len >= 0 && cur_token_len == %d && !cur_token_quoted && !memcmp (cur_token, \"%s\", cur_token_len)) {\n", offset, (int)(strlen (arg->id)), arg->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1191:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (s, "T");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1240:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (s, "T");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1300:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (s, "T");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1367:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (s, "T");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1431:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (s, "T");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1499:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (s, "T");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1552:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (s, "T");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1602:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (s, "T");
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1741:102: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf (" if (cur_token_len == %d && !memcmp (cur_token, \"%s\", cur_token_len)) {\n", (int)strlen (t->constructors[i]->id), t->constructors[i]->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:1782:102: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf (" if (cur_token_len == %d && !memcmp (cur_token, \"%s\", cur_token_len)) {\n", (int)strlen (t->constructors[i]->id), t->constructors[i]->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:2447:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf (" if (cur_token_len == %d && !memcmp (cur_token, \"%s\", cur_token_len)) {\n", (int)strlen (fns[i]->id), fns[i]->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:2524:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf (" if (cur_token_len == %d && !memcmp (cur_token, \"%s\", cur_token_len)) {\n", (int)strlen (fns[i]->id), fns[i]->id);
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:2562:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (c->args[k]->id && strlen (c->args[k]->id) && j > 0) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:2580:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!c->args[k]->id || !strlen (c->args[k]->id)) {
data/tgl-2.0.1+git20160323.ffb04cac/generate.c:2994:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int rval = read (fd, buf + rs, len - rs);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:71:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read (h, buf, n);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:85:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int s = read (h, buf + r, n - r);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.c:160:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int l = read (fd, a, password_length);
data/tgl-2.0.1+git20160323.ffb04cac/mtproto-common.h:174:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out_cstring (str, strlen (str));
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:122:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int)strlen (a) != l) { return 1; }
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:1196:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_len = strlen (new_text);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:1267:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int x = read (fd, buf, (1 << 20) + 1);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:1887:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = f->file_name + strlen (f->file_name);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:1931:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = f->file_name + strlen (f->file_name);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:2038:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int x = read (f->fd, buf, f->part_size);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4614:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (pwd) != (size_t)E->new_password_len || memcmp (E->new_password, pwd, E->new_password_len)) {
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4639:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
E->new_password_len = strlen (pwd[0]);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4646:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
E->current_password_len = strlen (pwd[0]);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4668:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
E->hint_len = strlen (new_hint);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4746:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert (strlen (pwd[0]) <= 128);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:4754:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int r = strlen (pwd[0]);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5175:88: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tgl_do_send_code_result (TLS, E->phone, E->phone_len, E->hash, E->hash_len, code[0], strlen (code[0]), tgl_sign_in_result, E);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5203:93: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tgl_do_send_code_result_auth (TLS, E->phone, E->phone_len, E->hash, E->hash_len, code[0], strlen (code[0]), E->first_name, E->first_name_len, E->last_name, E->last_name_len, tgl_sign_up_result, E);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5208:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
E->last_name_len = strlen (last_name);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5213:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (first_name) < 1) {
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5217:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
E->first_name_len = strlen (first_name);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5225:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (yn) > 1) {
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5227:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen (yn) == 0 || *yn == 'y' || *yn == 'Y') {
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5258:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
E->hash_len = strlen (mhash);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5270:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
E->phone_len = strlen (phone[0]);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5288:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tgl_do_send_bot_auth (TLS, code[0], strlen (code[0]), tgl_sign_in_bot_cb, NULL);
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5417:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out_cstring (code[0], strlen (code[0]));
data/tgl-2.0.1+git20160323.ffb04cac/queries.c:5434:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
E->hash_len = strlen (mhash);
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:102:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (d[i] && strlen (d[i])) {
data/tgl-2.0.1+git20160323.ffb04cac/structures.c:116:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int fl = strlen (s);
data/tgl-2.0.1+git20160323.ffb04cac/tg-mime-types.c:77:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen (filename);
data/tgl-2.0.1+git20160323.ffb04cac/tg-mime-types.c:89:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (p) > 10) {
data/tgl-2.0.1+git20160323.ffb04cac/tgl-net.c:506:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int r = read (c->fd, c->in_tail->wptr, c->in_tail->end - c->in_tail->wptr);
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:122:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
void *rs = talloc (strlen (*res) + 1);
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:123:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy (rs, *res, strlen (*res) + 1);
data/tgl-2.0.1+git20160323.ffb04cac/tools.c:213:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen (s);
data/tgl-2.0.1+git20160323.ffb04cac/tools.h:111:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tfree (ptr, strlen ((const char *)ptr) + 1);
ANALYSIS SUMMARY:
Hits = 359
Lines analyzed = 27015 in approximately 1.12 seconds (24102 lines/second)
Physical Source Lines of Code (SLOC) = 22238
Hits@level = [0] 890 [1] 82 [2] 254 [3] 13 [4] 10 [5] 0
Hits@level+ = [0+] 1249 [1+] 359 [2+] 277 [3+] 23 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 56.1651 [1+] 16.1435 [2+] 12.4562 [3+] 1.03427 [4+] 0.449681 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.