Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tpm-quote-tools-1.0.4/tidy.c
Examining data/tpm-quote-tools-1.0.4/tpm_mkaik.c
Examining data/tpm-quote-tools-1.0.4/tpm_loadkey.c
Examining data/tpm-quote-tools-1.0.4/tpm_updatepcrhash.c
Examining data/tpm-quote-tools-1.0.4/include/tss/tddl_error.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tss_error.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tddli.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tddlapi_error.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tss_typedef.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tcpa_typedef.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tcs.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tss_error_basics.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tpm.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tcs_structs.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tcs_typedef.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tpm_ordinal.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tcs_defines.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tpm_error.h
Examining data/tpm-quote-tools-1.0.4/include/tss/platform.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tss_defines.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tcpa_struct.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tcs_error.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tspi.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tss_structs.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tcpa_error.h
Examining data/tpm-quote-tools-1.0.4/include/tss/compat11b.h
Examining data/tpm-quote-tools-1.0.4/include/tss/tcpa_defines.h
Examining data/tpm-quote-tools-1.0.4/pcr_mask.c
Examining data/tpm-quote-tools-1.0.4/createek.c
Examining data/tpm-quote-tools-1.0.4/tpm_mkuuid.c
Examining data/tpm-quote-tools-1.0.4/takeownership.c
Examining data/tpm-quote-tools-1.0.4/tpm_quote.h
Examining data/tpm-quote-tools-1.0.4/toutf16le.c
Examining data/tpm-quote-tools-1.0.4/quote_nonce.c
Examining data/tpm-quote-tools-1.0.4/quote.c
Examining data/tpm-quote-tools-1.0.4/loadkey.c
Examining data/tpm-quote-tools-1.0.4/tpm_getquote.c
Examining data/tpm-quote-tools-1.0.4/tpm_unloadkey.c
Examining data/tpm-quote-tools-1.0.4/tpm_getpcrhash.c
Examining data/tpm-quote-tools-1.0.4/tss_err.c
Examining data/tpm-quote-tools-1.0.4/tpm_verifyquote.c
FINAL RESULTS:
data/tpm-quote-tools-1.0.4/createek.c:28:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, usage, argv[0]);
data/tpm-quote-tools-1.0.4/takeownership.c:27:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, usage, argv[0]);
data/tpm-quote-tools-1.0.4/tpm_getpcrhash.c:43:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, text, prog);
data/tpm-quote-tools-1.0.4/tpm_getquote.c:51:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, text, prog);
data/tpm-quote-tools-1.0.4/tpm_loadkey.c:34:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, text, prog);
data/tpm-quote-tools-1.0.4/tpm_mkaik.c:112:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, text, prog);
data/tpm-quote-tools-1.0.4/tpm_mkuuid.c:28:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, text, prog);
data/tpm-quote-tools-1.0.4/tpm_unloadkey.c:34:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, text, prog);
data/tpm-quote-tools-1.0.4/tpm_updatepcrhash.c:63:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, text, prog);
data/tpm-quote-tools-1.0.4/tpm_verifyquote.c:50:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, text, prog);
data/tpm-quote-tools-1.0.4/include/tss/tcs.h:475:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
BYTE** random, // out
data/tpm-quote-tools-1.0.4/include/tss/tcs.h:486:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
BYTE* random, // in
data/tpm-quote-tools-1.0.4/include/tss/tcs.h:848:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
BYTE** random, // out
data/tpm-quote-tools-1.0.4/include/tss/tcs.h:1047:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
BYTE** random, // out
data/tpm-quote-tools-1.0.4/include/tss/tcs.h:1062:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
BYTE* random, // in
data/tpm-quote-tools-1.0.4/tpm_getpcrhash.c:53:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "r:hv")) != -1) {
data/tpm-quote-tools-1.0.4/tpm_getquote.c:63:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "r:p:hv")) != -1) {
data/tpm-quote-tools-1.0.4/tpm_loadkey.c:42:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "r:hv")) != -1) {
data/tpm-quote-tools-1.0.4/tpm_mkaik.c:121:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "zuhv")) != -1) {
data/tpm-quote-tools-1.0.4/tpm_mkuuid.c:35:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "hv")) != -1) {
data/tpm-quote-tools-1.0.4/tpm_unloadkey.c:42:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "r:hv")) != -1) {
data/tpm-quote-tools-1.0.4/tpm_updatepcrhash.c:70:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "hv")) != -1) {
data/tpm-quote-tools-1.0.4/tpm_verifyquote.c:57:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "hv")) != -1) {
data/tpm-quote-tools-1.0.4/tpm_getpcrhash.c:89:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(uuidname, "rb");
data/tpm-quote-tools-1.0.4/tpm_getpcrhash.c:121:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(hashname, "wb");
data/tpm-quote-tools-1.0.4/tpm_getpcrhash.c:140:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(pcrvals, "wb");
data/tpm-quote-tools-1.0.4/tpm_getquote.c:102:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(uuidname, "rb");
data/tpm-quote-tools-1.0.4/tpm_getquote.c:116:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(noncename, "rb");
data/tpm-quote-tools-1.0.4/tpm_getquote.c:144:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(quotename, "wb");
data/tpm-quote-tools-1.0.4/tpm_getquote.c:166:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(pcrvals, "wb");
data/tpm-quote-tools-1.0.4/tpm_loadkey.c:73:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(blobname, "rb");
data/tpm-quote-tools-1.0.4/tpm_loadkey.c:83:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(uuidname, "rb");
data/tpm-quote-tools-1.0.4/tpm_mkaik.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[bufSize];
data/tpm-quote-tools-1.0.4/tpm_mkaik.c:242:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(blobname, "wb");
data/tpm-quote-tools-1.0.4/tpm_mkaik.c:281:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(pubkeyname, "wb");
data/tpm-quote-tools-1.0.4/tpm_mkuuid.c:81:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(uuidname, "wb");
data/tpm-quote-tools-1.0.4/tpm_unloadkey.c:72:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(uuidname, "rb");
data/tpm-quote-tools-1.0.4/tpm_updatepcrhash.c:42:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(name, "rb");
data/tpm-quote-tools-1.0.4/tpm_updatepcrhash.c:89:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(newpcrvalsname, "r");
data/tpm-quote-tools-1.0.4/tpm_updatepcrhash.c:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUFSIZE]; /* Read a line of input */
data/tpm-quote-tools-1.0.4/tpm_updatepcrhash.c:263:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hash+hashLen-digestLen-sizeof(TPM_NONCE), digest, digestLen);
data/tpm-quote-tools-1.0.4/tpm_updatepcrhash.c:267:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(newhashname, "wb");
data/tpm-quote-tools-1.0.4/tpm_verifyquote.c:25:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(name, "rb");
data/tpm-quote-tools-1.0.4/tpm_verifyquote.c:115:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hashNonce, nonce, sizeof(TPM_NONCE));
data/tpm-quote-tools-1.0.4/toutf16le.c:31:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(src);
data/tpm-quote-tools-1.0.4/tpm_mkaik.c:89:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf), (BYTE *)buf);
data/tpm-quote-tools-1.0.4/tpm_mkaik.c:92:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf), (BYTE *)buf);
ANALYSIS SUMMARY:
Hits = 47
Lines analyzed = 10556 in approximately 0.19 seconds (56334 lines/second)
Physical Source Lines of Code (SLOC) = 6827
Hits@level = [0] 83 [1] 3 [2] 21 [3] 13 [4] 10 [5] 0
Hits@level+ = [0+] 130 [1+] 47 [2+] 44 [3+] 23 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 19.042 [1+] 6.88443 [2+] 6.445 [3+] 3.36898 [4+] 1.46477 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.