Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tomsfastmath-0.13/demo/test.c
Examining data/tomsfastmath-0.13/demo/stest.c
Examining data/tomsfastmath-0.13/demo/timing.c
Examining data/tomsfastmath-0.13/demo/rsa.c
Examining data/tomsfastmath-0.13/mtest/mtest.c
Examining data/tomsfastmath-0.13/pre_gen/mpi.c
Examining data/tomsfastmath-0.13/src/generators/comba_sqr_gen.c
Examining data/tomsfastmath-0.13/src/generators/comba_mont_gen.c
Examining data/tomsfastmath-0.13/src/generators/comba_sqr_smallgen.c
Examining data/tomsfastmath-0.13/src/generators/comba_mult_gen.c
Examining data/tomsfastmath-0.13/src/generators/comba_mult_smallgen.c
Examining data/tomsfastmath-0.13/src/numtheory/fp_invmod.c
Examining data/tomsfastmath-0.13/src/numtheory/fp_gcd.c
Examining data/tomsfastmath-0.13/src/numtheory/fp_lcm.c
Examining data/tomsfastmath-0.13/src/numtheory/fp_isprime_ex.c
Examining data/tomsfastmath-0.13/src/numtheory/fp_prime_miller_rabin.c
Examining data/tomsfastmath-0.13/src/numtheory/fp_isprime.c
Examining data/tomsfastmath-0.13/src/numtheory/fp_prime_random_ex.c
Examining data/tomsfastmath-0.13/src/divide/fp_mod_d.c
Examining data/tomsfastmath-0.13/src/divide/fp_div_d.c
Examining data/tomsfastmath-0.13/src/divide/fp_mod.c
Examining data/tomsfastmath-0.13/src/divide/fp_div.c
Examining data/tomsfastmath-0.13/src/headers/tfm_private.h
Examining data/tomsfastmath-0.13/src/headers/tfm.h
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_64.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_7.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_4.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_6.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_20.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_12.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_17.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_28.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_9.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_48.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_24.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_32.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqrmod.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_3.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_8.c
Examining data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_generic.c
Examining data/tomsfastmath-0.13/src/misc/fp_set.c
Examining data/tomsfastmath-0.13/src/misc/fp_rand.c
Examining data/tomsfastmath-0.13/src/misc/fp_ident.c
Examining data/tomsfastmath-0.13/src/bin/fp_toradix.c
Examining data/tomsfastmath-0.13/src/bin/fp_s_rmap.c
Examining data/tomsfastmath-0.13/src/bin/fp_signed_bin_size.c
Examining data/tomsfastmath-0.13/src/bin/fp_reverse.c
Examining data/tomsfastmath-0.13/src/bin/fp_to_unsigned_bin.c
Examining data/tomsfastmath-0.13/src/bin/fp_toradix_n.c
Examining data/tomsfastmath-0.13/src/bin/fp_to_signed_bin.c
Examining data/tomsfastmath-0.13/src/bin/fp_radix_size.c
Examining data/tomsfastmath-0.13/src/bin/fp_unsigned_bin_size.c
Examining data/tomsfastmath-0.13/src/bin/fp_read_radix.c
Examining data/tomsfastmath-0.13/src/bin/fp_read_signed_bin.c
Examining data/tomsfastmath-0.13/src/bin/fp_read_unsigned_bin.c
Examining data/tomsfastmath-0.13/src/exptmod/fp_2expt.c
Examining data/tomsfastmath-0.13/src/exptmod/fp_exptmod.c
Examining data/tomsfastmath-0.13/src/addsub/fp_cmp_mag.c
Examining data/tomsfastmath-0.13/src/addsub/s_fp_sub.c
Examining data/tomsfastmath-0.13/src/addsub/fp_sub_d.c
Examining data/tomsfastmath-0.13/src/addsub/fp_add.c
Examining data/tomsfastmath-0.13/src/addsub/fp_cmp_d.c
Examining data/tomsfastmath-0.13/src/addsub/fp_cmp.c
Examining data/tomsfastmath-0.13/src/addsub/fp_add_d.c
Examining data/tomsfastmath-0.13/src/addsub/fp_sub.c
Examining data/tomsfastmath-0.13/src/addsub/s_fp_add.c
Examining data/tomsfastmath-0.13/src/addsub/fp_submod.c
Examining data/tomsfastmath-0.13/src/addsub/fp_addmod.c
Examining data/tomsfastmath-0.13/src/mont/fp_montgomery_setup.c
Examining data/tomsfastmath-0.13/src/mont/fp_montgomery_reduce.c
Examining data/tomsfastmath-0.13/src/mont/fp_montgomery_calc_normalization.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_48.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_28.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_4.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_32.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_9.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_64.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_8.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_17.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_2.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_6.c
Examining data/tomsfastmath-0.13/src/mul/fp_mulmod.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_7.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_12.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_2d.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_d.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_20.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_24.c
Examining data/tomsfastmath-0.13/src/mul/fp_mul_comba_3.c
Examining data/tomsfastmath-0.13/src/bit/fp_lshd.c
Examining data/tomsfastmath-0.13/src/bit/fp_div_2d.c
Examining data/tomsfastmath-0.13/src/bit/fp_div_2.c
Examining data/tomsfastmath-0.13/src/bit/fp_cnt_lsb.c
Examining data/tomsfastmath-0.13/src/bit/fp_rshd.c
Examining data/tomsfastmath-0.13/src/bit/fp_mod_2d.c
Examining data/tomsfastmath-0.13/src/bit/fp_count_bits.c

FINAL RESULTS:

data/tomsfastmath-0.13/demo/stest.c:10:23: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
#define DISPLAY(x) printf(x)
data/tomsfastmath-0.13/demo/stest.c:11:27: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
#define DISPLAY_P(...) printf(__VA_ARGS__)
data/tomsfastmath-0.13/src/generators/comba_mont_gen.c:7:1: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
printf(
data/tomsfastmath-0.13/demo/test.c:47:3: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
srand(time(NULL));
data/tomsfastmath-0.13/demo/rsa.c:19:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[1024];
data/tomsfastmath-0.13/demo/rsa.c:44:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[1024];
data/tomsfastmath-0.13/demo/test.c:33:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char cmd[4096], buf[4096];
data/tomsfastmath-0.13/demo/timing.c:27:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[20];
data/tomsfastmath-0.13/demo/timing.c:28:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
in = fopen("/sys/devices/system/cpu/cpu0/pccycles", "r");
data/tomsfastmath-0.13/mtest/mtest.c:51:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char buf[(FP_MAX_SIZE/16 - DIGIT_BIT/2) + 1];
data/tomsfastmath-0.13/mtest/mtest.c:64:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char buf[(FP_MAX_SIZE/16 - DIGIT_BIT/2) + 1];
data/tomsfastmath-0.13/mtest/mtest.c:82:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[4096];
data/tomsfastmath-0.13/mtest/mtest.c:108:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
rng = fopen("/dev/urandom", "rb");
data/tomsfastmath-0.13/mtest/mtest.c:110:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
rng = fopen("/dev/random", "rb");
data/tomsfastmath-0.13/pre_gen/mpi.c:1939:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char buf[1024];
data/tomsfastmath-0.13/pre_gen/mpi.c:3403:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 12 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:3404:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+12, B->dp, 12 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:3523:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 17 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:3524:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+17, B->dp, 17 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:3683:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 20 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:3684:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+20, B->dp, 20 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:3867:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 24 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:3868:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+24, B->dp, 24 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4083:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 28 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4084:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+28, B->dp, 28 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4331:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 3 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4332:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+3, B->dp, 3 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4381:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 32 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4382:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+32, B->dp, 32 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4673:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 4 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4674:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+4, B->dp, 4 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4729:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 48 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:4730:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+48, B->dp, 48 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5137:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 6 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5138:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+6, B->dp, 6 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5209:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 64 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5210:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+64, B->dp, 64 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5745:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 7 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5746:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+7, B->dp, 7 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5825:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 8 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5826:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+8, B->dp, 8 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5913:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 9 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:5914:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+9, B->dp, 9 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6011:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 1 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6012:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+1, B->dp, 1 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6027:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 2 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6028:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+2, B->dp, 2 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6051:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 3 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6052:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+3, B->dp, 3 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6083:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 4 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6084:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+4, B->dp, 4 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6123:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 5 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6124:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+5, B->dp, 5 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6171:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 6 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6172:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+6, B->dp, 6 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6227:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 7 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6228:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+7, B->dp, 7 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6291:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 8 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6292:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+8, B->dp, 8 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6363:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 9 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6364:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+9, B->dp, 9 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6443:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 10 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6444:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+10, B->dp, 10 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6531:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 11 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6532:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+11, B->dp, 11 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6627:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 12 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6628:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+12, B->dp, 12 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6731:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 13 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6732:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+13, B->dp, 13 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6843:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 14 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6844:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+14, B->dp, 14 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6963:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 15 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:6964:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+15, B->dp, 15 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:7091:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at, A->dp, 16 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:7092:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(at+16, B->dp, 16 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:8855:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 24 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:9053:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 34 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:9281:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 40 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:9549:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 48 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:9857:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 56 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:9915:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 6 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:10263:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 64 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:10331:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 8 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:10839:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 96 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:10927:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 12 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:11595:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 128 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:11693:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 14 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:11801:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 16 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:11919:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 18 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12060:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 2 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12089:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 4 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12128:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 6 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12177:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 8 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12236:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 10 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12305:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 12 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12384:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 14 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12473:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 16 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12572:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 18 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12681:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 20 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12800:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 22 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:12929:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 24 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:13068:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 26 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:13217:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 28 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:13376:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 30 * sizeof(fp_digit));
data/tomsfastmath-0.13/pre_gen/mpi.c:13545:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(B->dp, b, 32 * sizeof(fp_digit));
data/tomsfastmath-0.13/src/generators/comba_mult_gen.c:17:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
N = atoi(argv[1]); data/tomsfastmath-0.13/src/generators/comba_sqr_gen.c:16:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). N = atoi(argv[1]); data/tomsfastmath-0.13/src/headers/tfm.h:337:51: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define fp_copy(a, b) (void)(((a) != (b)) && memcpy((b), (a), sizeof(fp_int))) data/tomsfastmath-0.13/src/misc/fp_ident.c:14:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/tomsfastmath-0.13/src/mul/fp_mul_comba_12.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 12 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_12.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+12, B->dp, 12 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_17.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 17 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_17.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(at+17, B->dp, 17 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_20.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 20 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_20.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+20, B->dp, 20 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_24.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 24 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_24.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+24, B->dp, 24 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_28.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 28 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_28.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+28, B->dp, 28 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_3.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 3 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_3.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(at+3, B->dp, 3 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_32.c:11:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 32 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_32.c:12:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+32, B->dp, 32 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_4.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 4 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_4.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+4, B->dp, 4 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_48.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 48 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_48.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+48, B->dp, 48 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_6.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 6 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_6.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(at+6, B->dp, 6 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_64.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 64 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_64.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+64, B->dp, 64 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_7.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 7 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_7.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+7, B->dp, 7 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_8.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 8 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_8.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+8, B->dp, 8 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_9.c:9:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 9 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_9.c:10:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(at+9, B->dp, 9 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:11:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 1 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:12:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+1, B->dp, 1 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:27:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 2 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:28:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+2, B->dp, 2 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:51:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 3 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:52:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+3, B->dp, 3 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:83:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 4 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:84:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(at+4, B->dp, 4 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:123:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 5 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:124:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+5, B->dp, 5 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:171:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 6 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:172:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+6, B->dp, 6 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:227:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 7 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:228:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+7, B->dp, 7 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:291:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(at, A->dp, 8 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:292:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+8, B->dp, 8 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:363:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 9 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:364:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+9, B->dp, 9 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:443:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 10 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:444:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+10, B->dp, 10 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:531:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 11 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:532:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+11, B->dp, 11 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:627:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(at, A->dp, 12 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:628:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+12, B->dp, 12 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:731:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 13 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:732:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+13, B->dp, 13 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:843:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 14 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:844:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+14, B->dp, 14 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:963:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 15 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:964:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(at+15, B->dp, 15 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:1091:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at, A->dp, 16 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/mul/fp_mul_comba_small_set.c:1092:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(at+16, B->dp, 16 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_12.c:136:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 24 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_17.c:186:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 34 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_20.c:216:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 40 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_24.c:256:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 48 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_28.c:296:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 56 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_3.c:46:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(B->dp, b, 6 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_32.c:336:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 64 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_4.c:56:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 8 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_48.c:496:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 96 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_6.c:76:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 12 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_64.c:656:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 128 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_7.c:86:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 14 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_8.c:96:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 16 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_9.c:106:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(B->dp, b, 18 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:27:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 2 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:56:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 4 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:95:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 6 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:144:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 8 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:203:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 10 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:272:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 12 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:351:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(B->dp, b, 14 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:440:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 16 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:539:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 18 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:648:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 20 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:767:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 22 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:896:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 24 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:1035:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 26 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:1184:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 28 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:1343:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(B->dp, b, 30 * sizeof(fp_digit)); data/tomsfastmath-0.13/src/sqr/fp_sqr_comba_small_set.c:1512:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(B->dp, b, 32 * sizeof(fp_digit)); data/tomsfastmath-0.13/demo/test.c:201:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmd[strlen(cmd)-1] = 0; data/tomsfastmath-0.13/mtest/mtest.c:53:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). size = 1 + ((fgetc(rng)<<8) + fgetc(rng)) % (FP_MAX_SIZE/16 - DIGIT_BIT/2); data/tomsfastmath-0.13/mtest/mtest.c:53:34: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). size = 1 + ((fgetc(rng)<<8) + fgetc(rng)) % (FP_MAX_SIZE/16 - DIGIT_BIT/2); data/tomsfastmath-0.13/mtest/mtest.c:54:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buf[0] = (fgetc(rng)&1)?1:0; data/tomsfastmath-0.13/mtest/mtest.c:56:33: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (buf[1] == 0) buf[1] = fgetc(rng); data/tomsfastmath-0.13/mtest/mtest.c:66:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). size = 1 + ((fgetc(rng)<<8) + fgetc(rng)) % (FP_MAX_SIZE/16 - DIGIT_BIT/2); data/tomsfastmath-0.13/mtest/mtest.c:66:34: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
size = 1 + ((fgetc(rng)<<8) + fgetc(rng)) % (FP_MAX_SIZE/16 - DIGIT_BIT/2); data/tomsfastmath-0.13/mtest/mtest.c:67:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buf[0] = (fgetc(rng)&1)?1:0; data/tomsfastmath-0.13/mtest/mtest.c:69:33: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (buf[1] == 0) buf[1] = fgetc(rng); data/tomsfastmath-0.13/mtest/mtest.c:127:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n = fgetc(rng) % 16; data/tomsfastmath-0.13/mtest/mtest.c:191:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n = fgetc(rng) & 63; data/tomsfastmath-0.13/mtest/mtest.c:203:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n = fgetc(rng) & 63; data/tomsfastmath-0.13/pre_gen/mpi.c:2004:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(buf, "WARNING: sizeof(fp_digit) == sizeof(fp_word), this build is likely to not work properly.\n", data/tomsfastmath-0.13/pre_gen/mpi.c:2005:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(buf) - strlen(buf) - 1); data/tomsfastmath-0.13/src/misc/fp_ident.c:79:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. 
strncat(buf, "WARNING: sizeof(fp_digit) == sizeof(fp_word), this build is likely to not work properly.\n",
data/tomsfastmath-0.13/src/misc/fp_ident.c:80:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(buf) - strlen(buf) - 1);

ANALYSIS SUMMARY:

Hits = 215
Lines analyzed = 29596 in approximately 1.72 seconds (17206 lines/second)
Physical Source Lines of Code (SLOC) = 19321
Hits@level = [0] 195 [1] 16 [2] 195 [3] 1 [4] 3 [5] 0
Hits@level+ = [0+] 410 [1+] 215 [2+] 199 [3+] 4 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 21.2204 [1+] 11.1278 [2+] 10.2997 [3+] 0.207029 [4+] 0.155271 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.