Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tinyssh-20190101/_tinyssh/_tinysshd-install.c
Examining data/tinyssh-20190101/_tinyssh/_tinysshd-printkex.c
Examining data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c
Examining data/tinyssh-20190101/_tinyssh/_tinysshd-test-hello1.c
Examining data/tinyssh-20190101/_tinyssh/_tinysshd-test-hello2.c
Examining data/tinyssh-20190101/_tinyssh/_tinysshd-test-kex1.c
Examining data/tinyssh-20190101/_tinyssh/_tinysshd-test-kex2.c
Examining data/tinyssh-20190101/_tinyssh/_tinysshd-unauthenticated.c
Examining data/tinyssh-20190101/crypto-tests/crypto_hash_sha256test.c
Examining data/tinyssh-20190101/crypto-tests/crypto_hash_sha512test.c
Examining data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761test.c
Examining data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761x25519test.c
Examining data/tinyssh-20190101/crypto-tests/crypto_onetimeauth_poly1305test.c
Examining data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c
Examining data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c
Examining data/tinyssh-20190101/crypto-tests/crypto_stream_chacha20test.c
Examining data/tinyssh-20190101/crypto-tests/crypto_verify_16test.c
Examining data/tinyssh-20190101/crypto-tests/crypto_verify_32test.c
Examining data/tinyssh-20190101/crypto-tests/misc.h
Examining data/tinyssh-20190101/crypto-tests/randombytestest.c
Examining data/tinyssh-20190101/crypto/cleanup.c
Examining data/tinyssh-20190101/crypto/cleanup.h
Examining data/tinyssh-20190101/crypto/crypto_hash_sha256.c
Examining data/tinyssh-20190101/crypto/crypto_hash_sha256.h
Examining data/tinyssh-20190101/crypto/crypto_hash_sha512.c
Examining data/tinyssh-20190101/crypto/crypto_hash_sha512.h
Examining data/tinyssh-20190101/crypto/crypto_int16.h
Examining data/tinyssh-20190101/crypto/crypto_int32.h
Examining data/tinyssh-20190101/crypto/crypto_int64.h
Examining data/tinyssh-20190101/crypto/crypto_int8.h
Examining data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c
Examining data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.h
Examining data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761x25519.c
Examining data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761x25519.h
Examining data/tinyssh-20190101/crypto/crypto_onetimeauth_poly1305.c
Examining data/tinyssh-20190101/crypto/crypto_onetimeauth_poly1305.h
Examining data/tinyssh-20190101/crypto/crypto_scalarmult_curve25519.c
Examining data/tinyssh-20190101/crypto/crypto_scalarmult_curve25519.h
Examining data/tinyssh-20190101/crypto/crypto_sign_ed25519.c
Examining data/tinyssh-20190101/crypto/crypto_sign_ed25519.h
Examining data/tinyssh-20190101/crypto/crypto_stream_chacha20.c
Examining data/tinyssh-20190101/crypto/crypto_stream_chacha20.h
Examining data/tinyssh-20190101/crypto/crypto_uint16.h
Examining data/tinyssh-20190101/crypto/crypto_uint32.h
Examining data/tinyssh-20190101/crypto/crypto_uint64.h
Examining data/tinyssh-20190101/crypto/crypto_uint8.h
Examining data/tinyssh-20190101/crypto/crypto_verify_16.c
Examining data/tinyssh-20190101/crypto/crypto_verify_16.h
Examining data/tinyssh-20190101/crypto/crypto_verify_32.c
Examining data/tinyssh-20190101/crypto/crypto_verify_32.h
Examining data/tinyssh-20190101/crypto/fe.c
Examining data/tinyssh-20190101/crypto/fe.h
Examining data/tinyssh-20190101/crypto/fe25519.c
Examining data/tinyssh-20190101/crypto/fe25519.h
Examining data/tinyssh-20190101/crypto/ge25519.c
Examining data/tinyssh-20190101/crypto/ge25519.h
Examining data/tinyssh-20190101/crypto/randombytes.c
Examining data/tinyssh-20190101/crypto/randombytes.h
Examining data/tinyssh-20190101/crypto/sc25519.c
Examining data/tinyssh-20190101/crypto/sc25519.h
Examining data/tinyssh-20190101/crypto/uint32_pack.c
Examining data/tinyssh-20190101/crypto/uint32_pack.h
Examining data/tinyssh-20190101/crypto/uint32_pack_big.c
Examining data/tinyssh-20190101/crypto/uint32_pack_big.h
Examining data/tinyssh-20190101/crypto/uint32_unpack.c
Examining data/tinyssh-20190101/crypto/uint32_unpack.h
Examining data/tinyssh-20190101/crypto/uint32_unpack_big.c
Examining data/tinyssh-20190101/crypto/uint32_unpack_big.h
Examining data/tinyssh-20190101/crypto/verify.c
Examining data/tinyssh-20190101/crypto/verify.h
Examining data/tinyssh-20190101/sysdep/default.h-no.c
Examining data/tinyssh-20190101/sysdep/hasasmvolatilememory.h-yes.c
Examining data/tinyssh-20190101/sysdep/haslibutilh.h-yes.c
Examining data/tinyssh-20190101/sysdep/haslimits.h-yes.c
Examining data/tinyssh-20190101/sysdep/haslogintty.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasmlock.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasopenpty.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutilh.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmp.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmphost.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmploginlogout.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmplogwtmp.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmpname.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmppid.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmptime.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmptv.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmptype.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmpuser.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmpx.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmpxsyslen.h-yes.c
Examining data/tinyssh-20190101/sysdep/hasutmpxupdwtmpx.h-yes.c
Examining data/tinyssh-20190101/tinyssh-tests/blockingtest.c
Examining data/tinyssh-20190101/tinyssh-tests/buftest.c
Examining data/tinyssh-20190101/tinyssh-tests/bytetest.c
Examining data/tinyssh-20190101/tinyssh-tests/channel_forktest.c
Examining data/tinyssh-20190101/tinyssh-tests/channel_subsystemtest.c
Examining data/tinyssh-20190101/tinyssh-tests/channeltest.c
Examining data/tinyssh-20190101/tinyssh-tests/coetest.c
Examining data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c
Examining data/tinyssh-20190101/tinyssh-tests/dropuidgidtest.c
Examining data/tinyssh-20190101/tinyssh-tests/emptytest.c
Examining data/tinyssh-20190101/tinyssh-tests/envtest.c
Examining data/tinyssh-20190101/tinyssh-tests/etest.c
Examining data/tinyssh-20190101/tinyssh-tests/fail.h
Examining data/tinyssh-20190101/tinyssh-tests/getlntest.c
Examining data/tinyssh-20190101/tinyssh-tests/globaltest.c
Examining data/tinyssh-20190101/tinyssh-tests/iptostrtest.c
Examining data/tinyssh-20190101/tinyssh-tests/loadtest.c
Examining data/tinyssh-20190101/tinyssh-tests/loginshelltest.c
Examining data/tinyssh-20190101/tinyssh-tests/logtest.c
Examining data/tinyssh-20190101/tinyssh-tests/newenvtest.c
Examining data/tinyssh-20190101/tinyssh-tests/numtostrtest.c
Examining data/tinyssh-20190101/tinyssh-tests/opentest.c
Examining data/tinyssh-20190101/tinyssh-tests/packetparsertest.c
Examining data/tinyssh-20190101/tinyssh-tests/porttostrtest.c
Examining data/tinyssh-20190101/tinyssh-tests/randommodtest.c
Examining data/tinyssh-20190101/tinyssh-tests/readalltest.c
Examining data/tinyssh-20190101/tinyssh-tests/run.h
Examining data/tinyssh-20190101/tinyssh-tests/savesynctest.c
Examining data/tinyssh-20190101/tinyssh-tests/sshcryptotest.c
Examining data/tinyssh-20190101/tinyssh-tests/sshtest.c
Examining data/tinyssh-20190101/tinyssh-tests/stringparsertest.c
Examining data/tinyssh-20190101/tinyssh-tests/strtest.c
Examining data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c
Examining data/tinyssh-20190101/tinyssh-tests/subprocess_signtest.c
Examining data/tinyssh-20190101/tinyssh-tests/trymlocktest.c
Examining data/tinyssh-20190101/tinyssh-tests/writealltest.c
Examining data/tinyssh-20190101/tinyssh/blocking.c
Examining data/tinyssh-20190101/tinyssh/blocking.h
Examining data/tinyssh-20190101/tinyssh/buf.c
Examining data/tinyssh-20190101/tinyssh/buf.h
Examining data/tinyssh-20190101/tinyssh/bug.h
Examining data/tinyssh-20190101/tinyssh/byte.c
Examining data/tinyssh-20190101/tinyssh/byte.h
Examining data/tinyssh-20190101/tinyssh/channel.c
Examining data/tinyssh-20190101/tinyssh/channel.h
Examining data/tinyssh-20190101/tinyssh/channel_drop.c
Examining data/tinyssh-20190101/tinyssh/channel_fork.c
Examining data/tinyssh-20190101/tinyssh/channel_forkpty.c
Examining data/tinyssh-20190101/tinyssh/channel_subsystem.c
Examining data/tinyssh-20190101/tinyssh/coe.c
Examining data/tinyssh-20190101/tinyssh/coe.h
Examining data/tinyssh-20190101/tinyssh/connectioninfo.c
Examining data/tinyssh-20190101/tinyssh/connectioninfo.h
Examining data/tinyssh-20190101/tinyssh/die.c
Examining data/tinyssh-20190101/tinyssh/die.h
Examining data/tinyssh-20190101/tinyssh/dropuidgid.c
Examining data/tinyssh-20190101/tinyssh/dropuidgid.h
Examining data/tinyssh-20190101/tinyssh/e.c
Examining data/tinyssh-20190101/tinyssh/e.h
Examining data/tinyssh-20190101/tinyssh/env.c
Examining data/tinyssh-20190101/tinyssh/env.h
Examining data/tinyssh-20190101/tinyssh/getln.c
Examining data/tinyssh-20190101/tinyssh/getln.h
Examining data/tinyssh-20190101/tinyssh/global.c
Examining data/tinyssh-20190101/tinyssh/global.h
Examining data/tinyssh-20190101/tinyssh/iptostr.c
Examining data/tinyssh-20190101/tinyssh/iptostr.h
Examining data/tinyssh-20190101/tinyssh/limit.h
Examining data/tinyssh-20190101/tinyssh/load.c
Examining data/tinyssh-20190101/tinyssh/load.h
Examining data/tinyssh-20190101/tinyssh/log.c
Examining data/tinyssh-20190101/tinyssh/log.h
Examining data/tinyssh-20190101/tinyssh/loginshell.c
Examining data/tinyssh-20190101/tinyssh/loginshell.h
Examining data/tinyssh-20190101/tinyssh/logsys.c
Examining data/tinyssh-20190101/tinyssh/logsys.h
Examining data/tinyssh-20190101/tinyssh/main.h
Examining data/tinyssh-20190101/tinyssh/main_tinysshd.c
Examining data/tinyssh-20190101/tinyssh/main_tinysshd_makekey.c
Examining data/tinyssh-20190101/tinyssh/main_tinysshd_printkey.c
Examining data/tinyssh-20190101/tinyssh/newenv.c
Examining data/tinyssh-20190101/tinyssh/newenv.h
Examining data/tinyssh-20190101/tinyssh/numtostr.c
Examining data/tinyssh-20190101/tinyssh/numtostr.h
Examining data/tinyssh-20190101/tinyssh/open.c
Examining data/tinyssh-20190101/tinyssh/open.h
Examining data/tinyssh-20190101/tinyssh/packet.c
Examining data/tinyssh-20190101/tinyssh/packet.h
Examining data/tinyssh-20190101/tinyssh/packet_auth.c
Examining data/tinyssh-20190101/tinyssh/packet_channel_open.c
Examining data/tinyssh-20190101/tinyssh/packet_channel_recv.c
Examining data/tinyssh-20190101/tinyssh/packet_channel_request.c
Examining data/tinyssh-20190101/tinyssh/packet_channel_send.c
Examining data/tinyssh-20190101/tinyssh/packet_get.c
Examining data/tinyssh-20190101/tinyssh/packet_hello.c
Examining data/tinyssh-20190101/tinyssh/packet_kex.c
Examining data/tinyssh-20190101/tinyssh/packet_kexdh.c
Examining data/tinyssh-20190101/tinyssh/packet_put.c
Examining data/tinyssh-20190101/tinyssh/packet_recv.c
Examining data/tinyssh-20190101/tinyssh/packet_send.c
Examining data/tinyssh-20190101/tinyssh/packet_unimplemented.c
Examining data/tinyssh-20190101/tinyssh/packetparser.c
Examining data/tinyssh-20190101/tinyssh/packetparser.h
Examining data/tinyssh-20190101/tinyssh/porttostr.c
Examining data/tinyssh-20190101/tinyssh/porttostr.h
Examining data/tinyssh-20190101/tinyssh/purge.h
Examining data/tinyssh-20190101/tinyssh/randommod.c
Examining data/tinyssh-20190101/tinyssh/randommod.h
Examining data/tinyssh-20190101/tinyssh/readall.c
Examining data/tinyssh-20190101/tinyssh/readall.h
Examining data/tinyssh-20190101/tinyssh/savesync.c
Examining data/tinyssh-20190101/tinyssh/savesync.h
Examining data/tinyssh-20190101/tinyssh/ssh.c
Examining data/tinyssh-20190101/tinyssh/ssh.h
Examining data/tinyssh-20190101/tinyssh/sshcrypto.c
Examining data/tinyssh-20190101/tinyssh/sshcrypto.h
Examining data/tinyssh-20190101/tinyssh/sshcrypto_cipher.c
Examining data/tinyssh-20190101/tinyssh/sshcrypto_cipher_chachapoly.c
Examining data/tinyssh-20190101/tinyssh/sshcrypto_kex.c
Examining data/tinyssh-20190101/tinyssh/sshcrypto_kex_curve25519.c
Examining data/tinyssh-20190101/tinyssh/sshcrypto_kex_sntrup4591761x25519.c
Examining data/tinyssh-20190101/tinyssh/sshcrypto_key.c
Examining data/tinyssh-20190101/tinyssh/sshcrypto_key_ed25519.c
Examining data/tinyssh-20190101/tinyssh/str.c
Examining data/tinyssh-20190101/tinyssh/str.h
Examining data/tinyssh-20190101/tinyssh/stringparser.c
Examining data/tinyssh-20190101/tinyssh/stringparser.h
Examining data/tinyssh-20190101/tinyssh/subprocess.h
Examining data/tinyssh-20190101/tinyssh/subprocess_auth.c
Examining data/tinyssh-20190101/tinyssh/subprocess_sign.c
Examining data/tinyssh-20190101/tinyssh/tinysshd.c
Examining data/tinyssh-20190101/tinyssh/trymlock.c
Examining data/tinyssh-20190101/tinyssh/trymlock.h
Examining data/tinyssh-20190101/tinyssh/writeall.c
Examining data/tinyssh-20190101/tinyssh/writeall.h

FINAL RESULTS:

data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:194:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
    if (chmod("authorized_keys", 0777) == -1) fail("chmod() failure");
data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:206:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
    if (chmod("authorized_keys", 0775) == -1) fail("chmod() failure");
data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:218:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
    if (chmod("authorized_keys", 0757) == -1) fail("chmod() failure");
data/tinyssh-20190101/tinyssh/channel_drop.c:27:13: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
    if (chown(name, pw->pw_uid, pw->pw_gid) == -1) return 0;
data/tinyssh-20190101/tinyssh/channel_drop.c:28:13: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
    if (chmod(name, 0600) == -1) return 0;
data/tinyssh-20190101/_tinyssh/_tinysshd-printkex.c:117:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    execvp(*argv, argv);
data/tinyssh-20190101/_tinyssh/_tinysshd-test-hello1.c:33:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    execvp(*argv, argv);
data/tinyssh-20190101/_tinyssh/_tinysshd-test-hello2.c:63:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    execvp(*argv, argv);
data/tinyssh-20190101/_tinyssh/_tinysshd-test-kex1.c:58:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    execvp(*argv, argv);
data/tinyssh-20190101/_tinyssh/_tinysshd-test-kex2.c:144:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    execvp(*argv, argv);
data/tinyssh-20190101/_tinyssh/_tinysshd-unauthenticated.c:76:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    execvp(*argv, argv);
data/tinyssh-20190101/tinyssh-tests/opentest.c:15:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    execvp(*catcmd, catcmd);
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:7:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char sk[2560];
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:8:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char pk[2560];
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:9:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char c[2560];
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:10:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char a[16];
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:11:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char n[8];
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:12:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char k[64];
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:13:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char h[64];
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:14:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char space[10240];
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:15:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char m[51200];
data/tinyssh-20190101/_tinyssh/_tinysshd-speed.c:16:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char sm[51200];
data/tinyssh-20190101/_tinyssh/_tinysshd-test-kex2.c:118:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char bspace[1024];
data/tinyssh-20190101/_tinyssh/_tinysshd-unauthenticated.c:47:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char bspace[1024];
data/tinyssh-20190101/crypto-tests/crypto_hash_sha256test.c:12:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char space[SPACESIZE + 16];
data/tinyssh-20190101/crypto-tests/crypto_hash_sha256test.c:13:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char buf[crypto_hash_sha256_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_hash_sha256test.c:15:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char test_pseudorandom_checksum[32] = {
data/tinyssh-20190101/crypto-tests/crypto_hash_sha512test.c:12:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char space[SPACESIZE + 16];
data/tinyssh-20190101/crypto-tests/crypto_hash_sha512test.c:13:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char buf[crypto_hash_sha512_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_hash_sha512test.c:15:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char test_pseudorandom_checksum[32] = {
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761test.c:11:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char sk[crypto_kem_sntrup4591761_SECRETKEYBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761test.c:12:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char pk[crypto_kem_sntrup4591761_PUBLICKEYBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761test.c:13:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char c[crypto_kem_sntrup4591761_CIPHERTEXTBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761test.c:14:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char k1[crypto_kem_sntrup4591761_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761test.c:15:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char k2[crypto_kem_sntrup4591761_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761x25519test.c:11:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char sk[crypto_kem_sntrup4591761x25519_SECRETKEYBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761x25519test.c:12:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char pk[crypto_kem_sntrup4591761x25519_PUBLICKEYBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761x25519test.c:13:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char c[crypto_kem_sntrup4591761x25519_CIPHERTEXTBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761x25519test.c:14:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char k1[crypto_kem_sntrup4591761x25519_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_kem_sntrup4591761x25519test.c:15:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char k2[crypto_kem_sntrup4591761x25519_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_onetimeauth_poly1305test.c:12:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char space[SPACESIZE + 16];
data/tinyssh-20190101/crypto-tests/crypto_onetimeauth_poly1305test.c:13:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char key[crypto_onetimeauth_poly1305_KEYBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_onetimeauth_poly1305test.c:14:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char buf[crypto_onetimeauth_poly1305_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_onetimeauth_poly1305test.c:16:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char test_pseudorandom_checksum[32] = {
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:13:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char pk[BYTES];
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:14:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char sk1[SCALARBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:15:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char pk1[BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:16:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char k1[BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:17:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char sk2[SCALARBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:18:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char pk2[BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:19:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char k2[BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:22:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char S[BYTES] = { 9 };
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:24:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char R[BYTES] = {
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:31:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char d[SCALARBYTES] = {
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:41:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char r[BYTES];
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:47:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char skdata[1080][32] = {
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:51:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char pkdata[1080][32] = {
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:74:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char basepoint[BYTES] = { 9 };
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:76:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char test_scalarmult_checksum[32] = {
data/tinyssh-20190101/crypto-tests/crypto_scalarmult_curve25519test.c:86:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char outpk[BYTES];
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:13:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char space[MLEN + 16];
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:14:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char m[MLEN + crypto_sign_ed25519_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:15:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char sm[MLEN + crypto_sign_ed25519_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:16:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char sk[crypto_sign_ed25519_SECRETKEYBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:17:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char pk[crypto_sign_ed25519_PUBLICKEYBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:21:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char test_precomp_checksumsha2[32] = {
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:28:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char test_precomp_checksumsha3[32] = {
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:35:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char skdata[1080][32] = {
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:39:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char pkdata[1080][32] = {
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:97:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char m[1024];
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:98:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sm[1024];
data/tinyssh-20190101/crypto-tests/crypto_sign_ed25519test.c:99:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char om[1024];
data/tinyssh-20190101/crypto-tests/crypto_stream_chacha20test.c:11:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char space[5232];
data/tinyssh-20190101/crypto-tests/crypto_stream_chacha20test.c:12:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char k[crypto_stream_chacha20_KEYBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_stream_chacha20test.c:13:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char n[crypto_stream_chacha20_NONCEBYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_stream_chacha20test.c:15:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char o[32] = {
data/tinyssh-20190101/crypto-tests/crypto_verify_16test.c:10:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char b1[crypto_verify_16_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_verify_16test.c:11:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char b2[crypto_verify_16_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_verify_32test.c:10:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char b1[crypto_verify_32_BYTES + 16];
data/tinyssh-20190101/crypto-tests/crypto_verify_32test.c:11:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char b2[crypto_verify_32_BYTES + 16];
data/tinyssh-20190101/crypto-tests/misc.h:66:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char checksum_state[64] = {0};
data/tinyssh-20190101/crypto-tests/misc.h:135:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const static unsigned char randombytes_k[33] = "answer randombytes from crypto_*";
data/tinyssh-20190101/crypto-tests/misc.h:136:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char randombytes_n[8];
data/tinyssh-20190101/crypto-tests/misc.h:143:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char randombytes_k[32];
data/tinyssh-20190101/crypto-tests/misc.h:144:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char randombytes_n[8];
data/tinyssh-20190101/crypto-tests/randombytestest.c:52:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[16];
data/tinyssh-20190101/crypto-tests/randombytestest.c:74:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf1[16];
data/tinyssh-20190101/crypto-tests/randombytestest.c:75:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf2[16];
data/tinyssh-20190101/crypto/crypto_hash_sha256.c:88:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char x[128];
data/tinyssh-20190101/crypto/crypto_hash_sha512.c:87:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char x[256];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c:140:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char x[4*761];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c:154:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char x[4];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c:920:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sk + 2 * small_encode_len,pk,rq_encode_len);
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c:940:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rstr[small_encode_len];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c:941:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char hash[64];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c:963:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(k,hash + 32,32);
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c:964:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cstr,hash,32);
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c:990:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rstr[small_encode_len];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761.c:991:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char hash[64];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761x25519.c:38:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char onetimesk[x25519_SCALARBYTES];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761x25519.c:39:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[sx_BYTES];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761x25519.c:40:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char tmp[sx_BYTES];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761x25519.c:74:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[sx_BYTES];
data/tinyssh-20190101/crypto/crypto_kem_sntrup4591761x25519.c:75:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char tmp[sx_BYTES];
data/tinyssh-20190101/crypto/crypto_onetimeauth_poly1305.c:62:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char mm[16];
data/tinyssh-20190101/crypto/crypto_onetimeauth_poly1305.c:145:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char correct[16];
data/tinyssh-20190101/crypto/crypto_scalarmult_curve25519.c:7:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char e[32];
data/tinyssh-20190101/crypto/crypto_scalarmult_curve25519.c:69:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char basepoint[32] = {9};
data/tinyssh-20190101/crypto/crypto_sign_ed25519.c:12:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char nonce[64], hram[64], sk[64], pk[32];
data/tinyssh-20190101/crypto/crypto_sign_ed25519.c:53:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char pkcopy[32], rcopy[32], scopy[32], hram[64], rcheck[32];
data/tinyssh-20190101/crypto/crypto_sign_ed25519.c:105:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char h[64];
data/tinyssh-20190101/crypto/crypto_stream_chacha20.c:129:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[64] = {0}; \
data/tinyssh-20190101/crypto/crypto_stream_chacha20.c:150:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char ncopy[8], kcopy[32];
data/tinyssh-20190101/crypto/fe25519.c:214:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char zero[32] = {0};
data/tinyssh-20190101/crypto/fe25519.c:216:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char s[32];
data/tinyssh-20190101/crypto/fe25519.c:230:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char s[32];
data/tinyssh-20190101/crypto/ge25519.c:188:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char e[64];
data/tinyssh-20190101/crypto/randombytes.c:19:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("/dev/urandom",O_RDONLY | O_CLOEXEC);
data/tinyssh-20190101/crypto/randombytes.c:21:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("/dev/urandom",O_RDONLY);
data/tinyssh-20190101/crypto/sc25519.c:15:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static void modL(unsigned char *r,crypto_int64 x[64])
data/tinyssh-20190101/sysdep/hasasmvolatilememory.h-yes.c:10:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char x[16];
data/tinyssh-20190101/sysdep/hasmlock.h-yes.c:5:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char x[16];
data/tinyssh-20190101/tinyssh-tests/buftest.c:73:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bspace[10];
data/tinyssh-20190101/tinyssh-tests/buftest.c:95:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bspace[10];
data/tinyssh-20190101/tinyssh-tests/buftest.c:117:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bspace[10];
data/tinyssh-20190101/tinyssh-tests/buftest.c:138:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bspace[10];
data/tinyssh-20190101/tinyssh-tests/buftest.c:147:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bspace[10];
data/tinyssh-20190101/tinyssh-tests/buftest.c:156:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bspace[10];
data/tinyssh-20190101/tinyssh-tests/buftest.c:190:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bspace[2];
data/tinyssh-20190101/tinyssh-tests/buftest.c:413:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bspace[100];
data/tinyssh-20190101/tinyssh-tests/buftest.c:422:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  buf_putbase64(&b, (unsigned char *)testvectors64[i].in, testvectors64[i].inlen);
data/tinyssh-20190101/tinyssh-tests/buftest.c:431:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bspace[2];
data/tinyssh-20190101/tinyssh-tests/buftest.c:453:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char bspacesh[64];
data/tinyssh-20190101/tinyssh-tests/buftest.c:464:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  buf_putsharedsecret(&b, (unsigned char *)testvectorssh[i].in, testvectorssh[i].inlen);
data/tinyssh-20190101/tinyssh-tests/bytetest.c:18:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b1[32];
data/tinyssh-20190101/tinyssh-tests/bytetest.c:19:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b2[32];
data/tinyssh-20190101/tinyssh-tests/bytetest.c:22:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char y[8];
data/tinyssh-20190101/tinyssh-tests/channel_forktest.c:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[5];
data/tinyssh-20190101/tinyssh-tests/channel_forktest.c:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[5];
data/tinyssh-20190101/tinyssh-tests/channeltest.c:160:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[10];
data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char localip[IPTOSTR_LEN];
data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char localport[PORTTOSTR_LEN];
data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char remoteip[IPTOSTR_LEN];
data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:27:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char remoteport[PORTTOSTR_LEN];
data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char localip[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localport[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remoteip[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remoteport[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:64:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localip[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:65:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char localport[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remoteip[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remoteport[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localip[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localport[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:122:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char remoteip[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/connectioninfotest.c:123:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remoteport[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/envtest.c:50:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *env[10]; data/tinyssh-20190101/tinyssh-tests/getlntest.c:18:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[6]; data/tinyssh-20190101/tinyssh-tests/iptostrtest.c:534:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/iptostrtest.c:535:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/iptostrtest.c:539:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. buf0 = iptostr(0, (unsigned char *)testvectors[i].ip); data/tinyssh-20190101/tinyssh-tests/iptostrtest.c:540:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. iptostr(buf1, (unsigned char *)testvectors[i].ip); data/tinyssh-20190101/tinyssh-tests/iptostrtest.c:554:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[IPTOSTR_LEN + 16]; data/tinyssh-20190101/tinyssh-tests/iptostrtest.c:556:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ip[16]; data/tinyssh-20190101/tinyssh-tests/iptostrtest.c:557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[2] = {0x00, (char)0xff }; data/tinyssh-20190101/tinyssh-tests/loadtest.c:20:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char space1[SPACELEN]; data/tinyssh-20190101/tinyssh-tests/loadtest.c:21:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char space2[SPACELEN]; data/tinyssh-20190101/tinyssh-tests/loginshelltest.c:12:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[10]; data/tinyssh-20190101/tinyssh-tests/logtest.c:31:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char buf[1024]; data/tinyssh-20190101/tinyssh-tests/logtest.c:76:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[256]; data/tinyssh-20190101/tinyssh-tests/newenvtest.c:33:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *run[4]; data/tinyssh-20190101/tinyssh-tests/newenvtest.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/tinyssh-20190101/tinyssh-tests/newenvtest.c:97:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *run[4]; data/tinyssh-20190101/tinyssh-tests/numtostrtest.c:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[NUMTOSTR_LEN + 16]; data/tinyssh-20190101/tinyssh-tests/numtostrtest.c:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[2] = {0x00, (char)0xff }; data/tinyssh-20190101/tinyssh-tests/opentest.c:14:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *catcmd[2] = { (char *)"cat", 0 }; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:19:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char buf[4]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:49:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[5]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:71:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[5]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:72:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf2[6]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:95:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[5]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:104:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[5]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:114:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[3]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:123:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[4]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:136:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[3]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:148:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[3]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:159:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf1[10]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:160:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char buf2[11]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:168:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf1[10]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:169:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf2[10]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:180:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[1]; data/tinyssh-20190101/tinyssh-tests/packetparsertest.c:187:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[1]; data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PORTTOSTR_LEN + 16]; data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:17:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char port[2] = { 5, 5 }; data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:18:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[2] = {0x00, (char)0xff }; data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:47:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. x = porttostr(buf, (unsigned char *)testvectors[i].port); data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:48:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. y = porttostr(0, (unsigned char *)testvectors[i].port); data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:49:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
z = (char *)testvectors[i].portstr; data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:67:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char port[2]; data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:69:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh-tests/porttostrtest.c:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[PORTTOSTR_LEN + 10]; data/tinyssh-20190101/tinyssh-tests/readalltest.c:20:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char space1[SPACELEN]; data/tinyssh-20190101/tinyssh-tests/readalltest.c:21:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char space2[SPACELEN]; data/tinyssh-20190101/tinyssh-tests/savesynctest.c:20:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char space1[SPACELEN]; data/tinyssh-20190101/tinyssh-tests/savesynctest.c:21:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char space2[SPACELEN]; data/tinyssh-20190101/tinyssh-tests/stringparsertest.c:35:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. buf = (unsigned char *)testvectors[i].buf; data/tinyssh-20190101/tinyssh-tests/strtest.c:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[5]; data/tinyssh-20190101/tinyssh-tests/strtest.c:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[5]; data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:38:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static unsigned char logbuf[1024]; data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:39:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char globalpath[4096]; data/tinyssh-20190101/tinyssh-tests/subprocess_signtest.c:20:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sh[sshcrypto_hash_MAX]; data/tinyssh-20190101/tinyssh-tests/subprocess_signtest.c:21:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sm[sshcrypto_sign_MAX + sshcrypto_hash_MAX]; data/tinyssh-20190101/tinyssh-tests/subprocess_signtest.c:22:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char m[sshcrypto_sign_MAX + sshcrypto_hash_MAX]; data/tinyssh-20190101/tinyssh-tests/subprocess_signtest.c:24:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char sk[sshcrypto_sign_SECRETKEYMAX]; data/tinyssh-20190101/tinyssh-tests/trymlocktest.c:10:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[100]; data/tinyssh-20190101/tinyssh-tests/writealltest.c:20:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char space1[SPACELEN]; data/tinyssh-20190101/tinyssh-tests/writealltest.c:21:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char space2[SPACELEN]; data/tinyssh-20190101/tinyssh/buf.c:128:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char s[4]; data/tinyssh-20190101/tinyssh/channel.c:159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *run[4]; data/tinyssh-20190101/tinyssh/channel.c:163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ln[NAME_MAX + 2]; data/tinyssh-20190101/tinyssh/channel.h:20:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf0[CHANNEL_BUFSIZE]; data/tinyssh-20190101/tinyssh/channel.h:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localip[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh/channel.h:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localport[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh/channel.h:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remoteip[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh/channel.h:32:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char remoteport[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh/channel.h:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user[LOGIN_NAME_MAX + 1]; data/tinyssh-20190101/tinyssh/channel.h:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char termname[TTY_NAME_MAX + 1]; data/tinyssh-20190101/tinyssh/channel_forkpty.c:53:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). close(open(name, O_RDWR)); data/tinyssh-20190101/tinyssh/channel_forkpty.c:71:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). master = open(fn[i], O_RDWR | O_NOCTTY); data/tinyssh-20190101/tinyssh/channel_forkpty.c:80:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). slave = open(slave_name, O_RDWR | O_NOCTTY); data/tinyssh-20190101/tinyssh/channel_subsystem.c:13:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *channel_subsystem[CHANNEL_SUBSYSTEM_MAX] = {0}; data/tinyssh-20190101/tinyssh/connectioninfo.c:32:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ip[16]; data/tinyssh-20190101/tinyssh/connectioninfo.c:33:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char port[2]; data/tinyssh-20190101/tinyssh/connectioninfo.c:34:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ipstr[2]; data/tinyssh-20190101/tinyssh/connectioninfo.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *portstr[2]; data/tinyssh-20190101/tinyssh/global.c:21:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char global_bspace1[GLOBAL_BSIZE]; data/tinyssh-20190101/tinyssh/global.c:22:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char global_bspace2[GLOBAL_BSIZE]; data/tinyssh-20190101/tinyssh/global.c:46:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char stack[4096]; data/tinyssh-20190101/tinyssh/global.h:5:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern unsigned char global_bspace1[GLOBAL_BSIZE]; data/tinyssh-20190101/tinyssh/global.h:6:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern unsigned char global_bspace2[GLOBAL_BSIZE]; data/tinyssh-20190101/tinyssh/iptostr.c:21:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char staticbuf[IPTOSTR_LEN]; data/tinyssh-20190101/tinyssh/log.c:22:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char logstring[9] = "________"; data/tinyssh-20190101/tinyssh/log.c:56:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[257]; data/tinyssh-20190101/tinyssh/log.c:86:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[NUMTOSTR_LEN]; data/tinyssh-20190101/tinyssh/log.c:106:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *s[9]; data/tinyssh-20190101/tinyssh/main_tinysshd_printkey.c:21:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char pk[sshcrypto_sign_PUBLICKEYMAX]; data/tinyssh-20190101/tinyssh/newenv.c:23:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *e[NEWENV_LEN]; data/tinyssh-20190101/tinyssh/newenv.c:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char es[NEWENV_SPACE]; data/tinyssh-20190101/tinyssh/numtostr.c:18:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char staticbuf[NUMTOSTR_LEN]; data/tinyssh-20190101/tinyssh/open.c:28:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return open(fn,O_RDONLY | O_NONBLOCK | O_CLOEXEC); data/tinyssh-20190101/tinyssh/open.c:30:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(fn,O_RDONLY | O_NONBLOCK); data/tinyssh-20190101/tinyssh/open.c:40:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
return open(fn,O_CREAT | O_WRONLY | O_NONBLOCK | O_CLOEXEC,0644); data/tinyssh-20190101/tinyssh/open.c:42:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(fn,O_CREAT | O_WRONLY | O_NONBLOCK,0644); data/tinyssh-20190101/tinyssh/packet.h:41:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char serverkey[sshcrypto_cipher_KEYMAX]; data/tinyssh-20190101/tinyssh/packet.h:42:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char clientkey[sshcrypto_cipher_KEYMAX]; data/tinyssh-20190101/tinyssh/packet.h:43:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char servermackey[sshcrypto_cipher_KEYMAX]; data/tinyssh-20190101/tinyssh/packet.h:44:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char clientmackey[sshcrypto_cipher_KEYMAX]; data/tinyssh-20190101/tinyssh/packet.h:45:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char servernonce[sshcrypto_cipher_KEYMAX]; data/tinyssh-20190101/tinyssh/packet.h:46:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char clientnonce[sshcrypto_cipher_KEYMAX]; data/tinyssh-20190101/tinyssh/packet.h:47:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sessionid[sshcrypto_hash_MAX]; data/tinyssh-20190101/tinyssh/packet.h:48:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[LOGIN_NAME_MAX + 1]; data/tinyssh-20190101/tinyssh/packet.h:53:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char hellosendspace[256]; data/tinyssh-20190101/tinyssh/packet.h:54:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char helloreceivespace[256]; data/tinyssh-20190101/tinyssh/packet.h:55:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char kexsendspace[1024]; data/tinyssh-20190101/tinyssh/packet.h:56:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char kexrecvspace[65536]; data/tinyssh-20190101/tinyssh/packet.h:57:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hashbufspace[65536]; data/tinyssh-20190101/tinyssh/packet.h:65:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char recvbufspace[4 * PACKET_FULLLIMIT + 1 + PACKET_ZEROBYTES]; data/tinyssh-20190101/tinyssh/packet.h:66:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sendbufspace[4 * PACKET_FULLLIMIT + 1]; data/tinyssh-20190101/tinyssh/packet_auth.c:30:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pk[sshcrypto_sign_PUBLICKEYMAX]; data/tinyssh-20190101/tinyssh/packet_auth.c:31:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sig[sshcrypto_sign_MAX]; data/tinyssh-20190101/tinyssh/packet_get.c:36:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[NUMTOSTR_LEN]; data/tinyssh-20190101/tinyssh/packet_get.c:37:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[NUMTOSTR_LEN]; data/tinyssh-20190101/tinyssh/packet_get.c:90:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf1[NUMTOSTR_LEN]; data/tinyssh-20190101/tinyssh/packet_get.c:91:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[NUMTOSTR_LEN]; data/tinyssh-20190101/tinyssh/packet_kexdh.c:23:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char clientpk[sshcrypto_kem_PUBLICKEYMAX]; data/tinyssh-20190101/tinyssh/packet_kexdh.c:24:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char serverpk[sshcrypto_kem_CIPHERTEXTMAX]; data/tinyssh-20190101/tinyssh/packet_kexdh.c:25:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sharedsecret[sshcrypto_kem_MAX]; data/tinyssh-20190101/tinyssh/packet_kexdh.c:26:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char sm[sshcrypto_sign_MAX]; data/tinyssh-20190101/tinyssh/packet_kexdh.c:27:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char key[sshcrypto_cipher_KEYMAX]; data/tinyssh-20190101/tinyssh/packet_kexdh.c:28:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hash[sshcrypto_hash_MAX]; data/tinyssh-20190101/tinyssh/packet_unimplemented.c:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strnum[NUMTOSTR_LEN]; data/tinyssh-20190101/tinyssh/porttostr.c:19:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char staticbuf[PORTTOSTR_LEN]; data/tinyssh-20190101/tinyssh/randommod.c:11:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char r[32]; data/tinyssh-20190101/tinyssh/sshcrypto.h:68:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sign_publickey[sshcrypto_sign_PUBLICKEYMAX]; data/tinyssh-20190101/tinyssh/sshcrypto_cipher.c:62:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (str_equaln((char *)x, xlen, sshcrypto_ciphers[i].name)) { data/tinyssh-20190101/tinyssh/sshcrypto_cipher_chachapoly.c:27:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char n[8]; data/tinyssh-20190101/tinyssh/sshcrypto_cipher_chachapoly.c:72:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[16]; data/tinyssh-20190101/tinyssh/sshcrypto_cipher_chachapoly.c:75:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char n[8]; data/tinyssh-20190101/tinyssh/sshcrypto_kex.c:86:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
if (str_equaln((char *)x, xlen, sshcrypto_kexs[i].name)) { data/tinyssh-20190101/tinyssh/sshcrypto_kex_curve25519.c:16:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char onetimesk[crypto_scalarmult_curve25519_SCALARBYTES]; data/tinyssh-20190101/tinyssh/sshcrypto_key.c:92:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if (str_equaln((char *)x, xlen, sshcrypto_keys[i].name)) { data/tinyssh-20190101/tinyssh/sshcrypto_key_ed25519.c:37:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[19 + crypto_sign_ed25519_PUBLICKEYBYTES]; data/tinyssh-20190101/tinyssh/subprocess_sign.c:44:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sk[sshcrypto_sign_SECRETKEYMAX]; data/tinyssh-20190101/tinyssh/subprocess_sign.c:45:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char sm[sshcrypto_sign_MAX + sshcrypto_hash_MAX]; data/tinyssh-20190101/_tinyssh/_tinysshd-install.c:80:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd1, &ch, 1); data/tinyssh-20190101/_tinyssh/_tinysshd-unauthenticated.c:100:50: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. if (i > PACKET_UNAUTHENTICATED_MESSAGES) usleep(1000); /* XXX */ data/tinyssh-20190101/crypto-tests/randombytestest.c:27:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, x, xlen); data/tinyssh-20190101/crypto/ge25519.c:172:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. static unsigned char equal(unsigned char a, unsigned char b) { data/tinyssh-20190101/crypto/ge25519.c:207:49: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. for (j = 0; j < 16; ++j) cmov(sp, t[j], equal(e[i], j)); data/tinyssh-20190101/crypto/randombytes.c:32:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
i = read(fd,x,i); data/tinyssh-20190101/tinyssh-tests/logtest.c:21:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, x, xlen); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:28:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, x, xlen); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:168:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:178:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:190:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:202:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:214:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:228:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:239:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:250:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). 
umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:262:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:277:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:292:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:308:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:323:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:338:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_authtest.c:354:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(000); data/tinyssh-20190101/tinyssh-tests/subprocess_signtest.c:40:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(022); data/tinyssh-20190101/tinyssh-tests/subprocess_signtest.c:46:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(022); data/tinyssh-20190101/tinyssh-tests/subprocess_signtest.c:48:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). 
umask(077); data/tinyssh-20190101/tinyssh/channel.c:274:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(channel.fd1, buf, r); data/tinyssh-20190101/tinyssh/channel.c:307:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(channel.fd2, buf, r); data/tinyssh-20190101/tinyssh/getln.c:18:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, x, 1); data/tinyssh-20190101/tinyssh/main_tinysshd_makekey.c:53:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(022); data/tinyssh-20190101/tinyssh/main_tinysshd_makekey.c:59:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(022); data/tinyssh-20190101/tinyssh/main_tinysshd_makekey.c:61:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/tinyssh-20190101/tinyssh/packet_recv.c:29:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(0, b->buf + b->len, PACKET_FULLLIMIT); data/tinyssh-20190101/tinyssh/readall.c:14:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
r = read(fd, x, r);

ANALYSIS SUMMARY:

Hits = 329
Lines analyzed = 16189 in approximately 0.53 seconds (30629 lines/second)
Physical Source Lines of Code (SLOC) = 11869
Hits@level = [0] 39 [1] 34 [2] 283 [3] 0 [4] 7 [5] 5
Hits@level+ = [0+] 368 [1+] 329 [2+] 295 [3+] 12 [4+] 12 [5+] 5
Hits/KSLOC@level+ = [0+] 31.0051 [1+] 27.7193 [2+] 24.8547 [3+] 1.01104 [4+] 1.01104 [5+] 0.421265
Symlinks skipped = 31 (--allowlink overrides but see doc for security issue)
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.