Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xmlsec1-1.2.30/examples/sign2.c
Examining data/xmlsec1-1.2.30/examples/verify3.c
Examining data/xmlsec1-1.2.30/examples/sign1.c
Examining data/xmlsec1-1.2.30/examples/verify1.c
Examining data/xmlsec1-1.2.30/examples/encrypt1.c
Examining data/xmlsec1-1.2.30/examples/verify4.c
Examining data/xmlsec1-1.2.30/examples/sign3.c
Examining data/xmlsec1-1.2.30/examples/encrypt3.c
Examining data/xmlsec1-1.2.30/examples/decrypt1.c
Examining data/xmlsec1-1.2.30/examples/verify2.c
Examining data/xmlsec1-1.2.30/examples/decrypt2.c
Examining data/xmlsec1-1.2.30/examples/decrypt3.c
Examining data/xmlsec1-1.2.30/examples/encrypt2.c
Examining data/xmlsec1-1.2.30/examples/xmldsigverify.c
Examining data/xmlsec1-1.2.30/src/nodeset.c
Examining data/xmlsec1-1.2.30/src/soap.c
Examining data/xmlsec1-1.2.30/src/app.c
Examining data/xmlsec1-1.2.30/src/skeleton/app.c
Examining data/xmlsec1-1.2.30/src/skeleton/crypto.c
Examining data/xmlsec1-1.2.30/src/skeleton/globals.h
Examining data/xmlsec1-1.2.30/src/dl.c
Examining data/xmlsec1-1.2.30/src/xmltree.c
Examining data/xmlsec1-1.2.30/src/base64.c
Examining data/xmlsec1-1.2.30/src/mscng/app.c
Examining data/xmlsec1-1.2.30/src/mscng/symkeys.c
Examining data/xmlsec1-1.2.30/src/mscng/signatures.c
Examining data/xmlsec1-1.2.30/src/mscng/keysstore.c
Examining data/xmlsec1-1.2.30/src/mscng/kt_rsa.c
Examining data/xmlsec1-1.2.30/src/mscng/crypto.c
Examining data/xmlsec1-1.2.30/src/mscng/kw_des.c
Examining data/xmlsec1-1.2.30/src/mscng/x509.c
Examining data/xmlsec1-1.2.30/src/mscng/globals.h
Examining data/xmlsec1-1.2.30/src/mscng/digests.c
Examining data/xmlsec1-1.2.30/src/mscng/hmac.c
Examining data/xmlsec1-1.2.30/src/mscng/kw_aes.c
Examining data/xmlsec1-1.2.30/src/mscng/certkeys.c
Examining data/xmlsec1-1.2.30/src/mscng/ciphers.c
Examining data/xmlsec1-1.2.30/src/mscng/x509vfy.c
Examining data/xmlsec1-1.2.30/src/keys.c
Examining data/xmlsec1-1.2.30/src/xslt.h
Examining data/xmlsec1-1.2.30/src/keysmngr.c
Examining data/xmlsec1-1.2.30/src/gcrypt/asn1.h
Examining data/xmlsec1-1.2.30/src/gcrypt/app.c
Examining data/xmlsec1-1.2.30/src/gcrypt/symkeys.c
Examining data/xmlsec1-1.2.30/src/gcrypt/asn1.c
Examining data/xmlsec1-1.2.30/src/gcrypt/asymkeys.c
Examining data/xmlsec1-1.2.30/src/gcrypt/signatures.c
Examining data/xmlsec1-1.2.30/src/gcrypt/crypto.c
Examining data/xmlsec1-1.2.30/src/gcrypt/kw_des.c
Examining data/xmlsec1-1.2.30/src/gcrypt/globals.h
Examining data/xmlsec1-1.2.30/src/gcrypt/digests.c
Examining data/xmlsec1-1.2.30/src/gcrypt/hmac.c
Examining data/xmlsec1-1.2.30/src/gcrypt/kw_aes.c
Examining data/xmlsec1-1.2.30/src/gcrypt/ciphers.c
Examining data/xmlsec1-1.2.30/src/errors.c
Examining data/xmlsec1-1.2.30/src/list.c
Examining data/xmlsec1-1.2.30/src/openssl/app.c
Examining data/xmlsec1-1.2.30/src/openssl/symkeys.c
Examining data/xmlsec1-1.2.30/src/openssl/openssl_compat.h
Examining data/xmlsec1-1.2.30/src/openssl/signatures.c
Examining data/xmlsec1-1.2.30/src/openssl/evp.c
Examining data/xmlsec1-1.2.30/src/openssl/bn.c
Examining data/xmlsec1-1.2.30/src/openssl/kt_rsa.c
Examining data/xmlsec1-1.2.30/src/openssl/crypto.c
Examining data/xmlsec1-1.2.30/src/openssl/evp_signatures.c
Examining data/xmlsec1-1.2.30/src/openssl/kw_des.c
Examining data/xmlsec1-1.2.30/src/openssl/x509.c
Examining data/xmlsec1-1.2.30/src/openssl/globals.h
Examining data/xmlsec1-1.2.30/src/openssl/digests.c
Examining data/xmlsec1-1.2.30/src/openssl/hmac.c
Examining data/xmlsec1-1.2.30/src/openssl/kw_aes.c
Examining data/xmlsec1-1.2.30/src/openssl/ciphers.c
Examining data/xmlsec1-1.2.30/src/openssl/x509vfy.c
Examining data/xmlsec1-1.2.30/src/errors_helpers.h
Examining data/xmlsec1-1.2.30/src/nss/app.c
Examining data/xmlsec1-1.2.30/src/nss/pkikeys.c
Examining data/xmlsec1-1.2.30/src/nss/bignum.c
Examining data/xmlsec1-1.2.30/src/nss/symkeys.c
Examining data/xmlsec1-1.2.30/src/nss/signatures.c
Examining data/xmlsec1-1.2.30/src/nss/keysstore.c
Examining data/xmlsec1-1.2.30/src/nss/keytrans.c
Examining data/xmlsec1-1.2.30/src/nss/crypto.c
Examining data/xmlsec1-1.2.30/src/nss/kw_des.c
Examining data/xmlsec1-1.2.30/src/nss/x509.c
Examining data/xmlsec1-1.2.30/src/nss/globals.h
Examining data/xmlsec1-1.2.30/src/nss/digests.c
Examining data/xmlsec1-1.2.30/src/nss/hmac.c
Examining data/xmlsec1-1.2.30/src/nss/kw_aes.c
Examining data/xmlsec1-1.2.30/src/nss/ciphers.c
Examining data/xmlsec1-1.2.30/src/nss/x509vfy.c
Examining data/xmlsec1-1.2.30/src/c14n.c
Examining data/xmlsec1-1.2.30/src/bn.c
Examining data/xmlsec1-1.2.30/src/io.c
Examining data/xmlsec1-1.2.30/src/templates.c
Examining data/xmlsec1-1.2.30/src/kw_aes_des.c
Examining data/xmlsec1-1.2.30/src/transforms.c
Examining data/xmlsec1-1.2.30/src/buffer.c
Examining data/xmlsec1-1.2.30/src/enveloped.c
Examining data/xmlsec1-1.2.30/src/keysdata.c
Examining data/xmlsec1-1.2.30/src/x509.c
Examining data/xmlsec1-1.2.30/src/xslt.c
Examining data/xmlsec1-1.2.30/src/keyinfo.c
Examining data/xmlsec1-1.2.30/src/globals.h
Examining data/xmlsec1-1.2.30/src/parser.c
Examining data/xmlsec1-1.2.30/src/mscrypto/app.c
Examining data/xmlsec1-1.2.30/src/mscrypto/csp_calg.h
Examining data/xmlsec1-1.2.30/src/mscrypto/symkeys.c
Examining data/xmlsec1-1.2.30/src/mscrypto/xmlsec-mingw.h
Examining data/xmlsec1-1.2.30/src/mscrypto/signatures.c
Examining data/xmlsec1-1.2.30/src/mscrypto/keysstore.c
Examining data/xmlsec1-1.2.30/src/mscrypto/kt_rsa.c
Examining data/xmlsec1-1.2.30/src/mscrypto/crypto.c
Examining data/xmlsec1-1.2.30/src/mscrypto/csp_oid.h
Examining data/xmlsec1-1.2.30/src/mscrypto/kw_des.c
Examining data/xmlsec1-1.2.30/src/mscrypto/x509.c
Examining data/xmlsec1-1.2.30/src/mscrypto/private.h
Examining data/xmlsec1-1.2.30/src/mscrypto/globals.h
Examining data/xmlsec1-1.2.30/src/mscrypto/digests.c
Examining data/xmlsec1-1.2.30/src/mscrypto/hmac.c
Examining data/xmlsec1-1.2.30/src/mscrypto/kw_aes.c
Examining data/xmlsec1-1.2.30/src/mscrypto/certkeys.c
Examining data/xmlsec1-1.2.30/src/mscrypto/ciphers.c
Examining data/xmlsec1-1.2.30/src/mscrypto/x509vfy.c
Examining data/xmlsec1-1.2.30/src/relationship.c
Examining data/xmlsec1-1.2.30/src/strings.c
Examining data/xmlsec1-1.2.30/src/xpath.c
Examining data/xmlsec1-1.2.30/src/xmlsec.c
Examining data/xmlsec1-1.2.30/src/xmldsig.c
Examining data/xmlsec1-1.2.30/src/kw_aes_des.h
Examining data/xmlsec1-1.2.30/src/xmlenc.c
Examining data/xmlsec1-1.2.30/src/gnutls/app.c
Examining data/xmlsec1-1.2.30/src/gnutls/x509utils.c
Examining data/xmlsec1-1.2.30/src/gnutls/symkeys.c
Examining data/xmlsec1-1.2.30/src/gnutls/asymkeys.c
Examining data/xmlsec1-1.2.30/src/gnutls/signatures.c
Examining data/xmlsec1-1.2.30/src/gnutls/crypto.c
Examining data/xmlsec1-1.2.30/src/gnutls/x509utils.h
Examining data/xmlsec1-1.2.30/src/gnutls/kw_des.c
Examining data/xmlsec1-1.2.30/src/gnutls/x509.c
Examining data/xmlsec1-1.2.30/src/gnutls/globals.h
Examining data/xmlsec1-1.2.30/src/gnutls/digests.c
Examining data/xmlsec1-1.2.30/src/gnutls/hmac.c
Examining data/xmlsec1-1.2.30/src/gnutls/kw_aes.c
Examining data/xmlsec1-1.2.30/src/gnutls/ciphers.c
Examining data/xmlsec1-1.2.30/src/gnutls/x509vfy.c
Examining data/xmlsec1-1.2.30/src/membuf.c
Examining data/xmlsec1-1.2.30/tests/oss-fuzz/xmlsec_target.c
Examining data/xmlsec1-1.2.30/apps/crypto.h
Examining data/xmlsec1-1.2.30/apps/cmdline.c
Examining data/xmlsec1-1.2.30/apps/crypto.c
Examining data/xmlsec1-1.2.30/apps/cmdline.h
Examining data/xmlsec1-1.2.30/apps/xmlsec.c
Examining data/xmlsec1-1.2.30/include/xmlsec/transforms.h
Examining data/xmlsec1-1.2.30/include/xmlsec/io.h
Examining data/xmlsec1-1.2.30/include/xmlsec/parser.h
Examining data/xmlsec1-1.2.30/include/xmlsec/exports.h
Examining data/xmlsec1-1.2.30/include/xmlsec/buffer.h
Examining data/xmlsec1-1.2.30/include/xmlsec/list.h
Examining data/xmlsec1-1.2.30/include/xmlsec/keyinfo.h
Examining data/xmlsec1-1.2.30/include/xmlsec/skeleton/symbols.h
Examining data/xmlsec1-1.2.30/include/xmlsec/skeleton/crypto.h
Examining data/xmlsec1-1.2.30/include/xmlsec/skeleton/app.h
Examining data/xmlsec1-1.2.30/include/xmlsec/xmlenc.h
Examining data/xmlsec1-1.2.30/include/xmlsec/crypto.h
Examining data/xmlsec1-1.2.30/include/xmlsec/app.h
Examining data/xmlsec1-1.2.30/include/xmlsec/keysmngr.h
Examining data/xmlsec1-1.2.30/include/xmlsec/dl.h
Examining data/xmlsec1-1.2.30/include/xmlsec/nodeset.h
Examining data/xmlsec1-1.2.30/include/xmlsec/soap.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscng/certkeys.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscng/symbols.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscng/crypto.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscng/app.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscng/x509.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscng/keysstore.h
Examining data/xmlsec1-1.2.30/include/xmlsec/x509.h
Examining data/xmlsec1-1.2.30/include/xmlsec/gcrypt/symbols.h
Examining data/xmlsec1-1.2.30/include/xmlsec/gcrypt/crypto.h
Examining data/xmlsec1-1.2.30/include/xmlsec/gcrypt/app.h
Examining data/xmlsec1-1.2.30/include/xmlsec/version.h
Examining data/xmlsec1-1.2.30/include/xmlsec/openssl/symbols.h
Examining data/xmlsec1-1.2.30/include/xmlsec/openssl/crypto.h
Examining data/xmlsec1-1.2.30/include/xmlsec/openssl/app.h
Examining data/xmlsec1-1.2.30/include/xmlsec/openssl/x509.h
Examining data/xmlsec1-1.2.30/include/xmlsec/openssl/evp.h
Examining data/xmlsec1-1.2.30/include/xmlsec/openssl/bn.h
Examining data/xmlsec1-1.2.30/include/xmlsec/nss/bignum.h
Examining data/xmlsec1-1.2.30/include/xmlsec/nss/symbols.h
Examining data/xmlsec1-1.2.30/include/xmlsec/nss/crypto.h
Examining data/xmlsec1-1.2.30/include/xmlsec/nss/app.h
Examining data/xmlsec1-1.2.30/include/xmlsec/nss/x509.h
Examining data/xmlsec1-1.2.30/include/xmlsec/nss/keysstore.h
Examining data/xmlsec1-1.2.30/include/xmlsec/nss/pkikeys.h
Examining data/xmlsec1-1.2.30/include/xmlsec/xmldsig.h
Examining data/xmlsec1-1.2.30/include/xmlsec/strings.h
Examining data/xmlsec1-1.2.30/include/xmlsec/keys.h
Examining data/xmlsec1-1.2.30/include/xmlsec/keysdata.h
Examining data/xmlsec1-1.2.30/include/xmlsec/private.h
Examining data/xmlsec1-1.2.30/include/xmlsec/membuf.h
Examining data/xmlsec1-1.2.30/include/xmlsec/bn.h
Examining data/xmlsec1-1.2.30/include/xmlsec/xmltree.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscrypto/certkeys.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscrypto/symbols.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscrypto/crypto.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscrypto/app.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscrypto/x509.h
Examining data/xmlsec1-1.2.30/include/xmlsec/mscrypto/keysstore.h
Examining data/xmlsec1-1.2.30/include/xmlsec/xmlsec.h
Examining data/xmlsec1-1.2.30/include/xmlsec/errors.h
Examining data/xmlsec1-1.2.30/include/xmlsec/templates.h
Examining data/xmlsec1-1.2.30/include/xmlsec/gnutls/symbols.h
Examining data/xmlsec1-1.2.30/include/xmlsec/gnutls/crypto.h
Examining data/xmlsec1-1.2.30/include/xmlsec/gnutls/app.h
Examining data/xmlsec1-1.2.30/include/xmlsec/gnutls/x509.h
Examining data/xmlsec1-1.2.30/include/xmlsec/base64.h

FINAL RESULTS:

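data/xmlsec1-1.2.30/apps/cmdline.c:11:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  Reviewer note: the matched line is a macro definition, not a call, so no
  format string is involved at this location. The same line is reported twice
  (columns 9 and 18) and the pattern repeats for apps/crypto.c:11 and
  apps/xmlsec.c:13. What the alias does change is truncation behaviour:
  Microsoft's _snprintf writes no terminating NUL when the output fills the
  buffer, so the call sites compiled with this define are what to review.
  Whether the define sits under a platform conditional is not visible in
  this report.
#define snprintf _snprintf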
data/xmlsec1-1.2.30/apps/cmdline.c:11:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/xmlsec1-1.2.30/apps/crypto.c:11:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/xmlsec1-1.2.30/apps/crypto.c:11:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/xmlsec1-1.2.30/apps/xmlsec.c:13:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/xmlsec1-1.2.30/apps/xmlsec.c:13:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
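data/xmlsec1-1.2.30/include/xmlsec/errors.h:440:73:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  Reviewer note: the match is the word "printf" inside a compiler format
  attribute, not a call to printf. The attribute asks the compiler to check
  argument 7 as a format string against the variadic arguments starting at
  argument 8 wherever the annotated function is used, so this line supports
  format-string checking rather than being a CWE-134 candidate.
#define XMLSEC_ERRORS_PRINTF_ATTRIBUTE          __attribute__ ((format (printf, 7, 8)))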
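data/xmlsec1-1.2.30/src/openssl/app.c:1385:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  Reviewer note: this is the only strcpy hit in the portion of the report
  shown here, and the data copied is a password. The quoted line does not
  show how buf is sized or whether the length of password is checked against
  it beforehand; read the enclosing function before rating this finding.
    strcpy(buf, password);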
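data/xmlsec1-1.2.30/src/xmlsec.c:117:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  Reviewer note: a time(NULL) seed can be guessed to within the clock second,
  so any rand() output produced after this call is predictable. The finding
  only matters if that output reaches keys, IVs or nonces; the report does
  not show the consumers of rand(), so trace them before rating it.
    srand((unsigned int)time(NULL));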
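data/xmlsec1-1.2.30/apps/cmdline.c:288:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  Reviewer note: the length is strlen() of the source, so the copy excludes
  the terminating NUL and is bounded by the input, not by the destination.
  Confirm that buf is allocated from the same length and is either
  terminated separately or handled as a length-counted buffer; neither is
  visible in the quoted line.
            memcpy(buf, value->strValue, strlen(value->strValue));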
data/xmlsec1-1.2.30/apps/crypto.c:282:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    size = atoi(p);
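data/xmlsec1-1.2.30/apps/xmlsec.c:972:21:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  Reviewer note: the brackets in argv[ ] and envp[ ] are empty parameter
  declarators, which declare pointers; no fixed-size array is defined on
  this line. The second hit on the same line (column 39) is the same case.
int wmain(int argc, wchar_t *argv[ ], wchar_t *envp[ ]) {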
data/xmlsec1-1.2.30/apps/xmlsec.c:972:39:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int wmain(int argc, wchar_t *argv[ ], wchar_t *envp[ ]) {
data/xmlsec1-1.2.30/apps/xmlsec.c:2338:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            f = fopen(value->strValue, "rb");
data/xmlsec1-1.2.30/apps/xmlsec.c:2948:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file = fopen(filename, "wb");
data/xmlsec1-1.2.30/examples/xmldsigverify.c:172:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[256];
data/xmlsec1-1.2.30/examples/xmldsigverify.c:213:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[256];
data/xmlsec1-1.2.30/examples/xmldsigverify.c:241:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/xmlsec1-1.2.30/src/buffer.c:197:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf->data, data, size);
data/xmlsec1-1.2.30/src/buffer.c:341:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf->data + buf->size, data, size);
data/xmlsec1-1.2.30/src/buffer.c:374:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf->data, data, size);
data/xmlsec1-1.2.30/src/buffer.c:454:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen(filename, "rb");
data/xmlsec1-1.2.30/src/c14n.c:331:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(data, xmlSecBufferGetData(&(transform->outBuf)), outSize);
data/xmlsec1-1.2.30/src/errors.c:250:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(error_msg, fatal_error, sizeof(fatal_error));
data/xmlsec1-1.2.30/src/gcrypt/digests.c:285:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->dgst, buf, ctx->dgstSize);
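data/xmlsec1-1.2.30/src/gcrypt/hmac.c:282:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  Reviewer note: atoi reports no error and returns 0 for non-numeric text,
  so a malformed value cannot be told apart from a real 0. The result is
  stored in a field named dgstSize; confirm that a lower and upper bound
  check follows before any use as a length (not visible in this report).
  The same pattern is reported at src/mscng/hmac.c:191.
            ctx->dgstSize = atoi((char*)content);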
data/xmlsec1-1.2.30/src/gcrypt/hmac.c:475:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->dgst, dgst, dgstSize);
data/xmlsec1-1.2.30/src/gcrypt/kw_aes.c:439:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char g_zero_iv[XMLSEC_KW_AES_BLOCK_SIZE] =
data/xmlsec1-1.2.30/src/gcrypt/kw_des.c:401:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, res, len);
data/xmlsec1-1.2.30/src/gcrypt/signatures.c:470:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->dgst, buf, ctx->dgstSize);
data/xmlsec1-1.2.30/src/gnutls/asymkeys.c:208:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(params[0]), p, sizeof(*p));
data/xmlsec1-1.2.30/src/gnutls/asymkeys.c:209:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(params[1]), q, sizeof(*q));
data/xmlsec1-1.2.30/src/gnutls/asymkeys.c:210:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(params[2]), g, sizeof(*g));
data/xmlsec1-1.2.30/src/gnutls/asymkeys.c:211:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(params[3]), y, sizeof(*y));
data/xmlsec1-1.2.30/src/gnutls/asymkeys.c:374:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(params[0]), m, sizeof(*m));
data/xmlsec1-1.2.30/src/gnutls/asymkeys.c:375:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(params[1]), e, sizeof(*e));
data/xmlsec1-1.2.30/src/keysdata.c:850:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((*buf), xmlSecBufferGetData(buffer), (*bufSize));
data/xmlsec1-1.2.30/src/kw_aes_des.c:107:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/kw_aes_des.c:108:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out + inSize, sha1, XMLSEC_KW_DES3_BLOCK_LENGTH);
data/xmlsec1-1.2.30/src/kw_aes_des.c:129:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, iv, XMLSEC_KW_DES3_IV_LENGTH);
data/xmlsec1-1.2.30/src/kw_aes_des.c:350:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, in, inSize);
data/xmlsec1-1.2.30/src/kw_aes_des.c:354:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, xmlSecKWAesMagicBlock, XMLSEC_KW_AES_MAGIC_BLOCK_SIZE);
data/xmlsec1-1.2.30/src/kw_aes_des.c:369:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(block, out, 8);
data/xmlsec1-1.2.30/src/kw_aes_des.c:370:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(block + 8, p, 8);
data/xmlsec1-1.2.30/src/kw_aes_des.c:378:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out, block, 8);
data/xmlsec1-1.2.30/src/kw_aes_des.c:379:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(p, block + 8, 8);
data/xmlsec1-1.2.30/src/kw_aes_des.c:407:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/kw_aes_des.c:423:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(block, out, 8);
data/xmlsec1-1.2.30/src/kw_aes_des.c:424:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(block + 8, p, 8);
data/xmlsec1-1.2.30/src/kw_aes_des.c:432:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(out, block, 8);
data/xmlsec1-1.2.30/src/kw_aes_des.c:433:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(p, block + 8, 8);
data/xmlsec1-1.2.30/src/mscng/certkeys.c:679:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dsakey->q, xmlSecBnGetData(&q), 20);
data/xmlsec1-1.2.30/src/mscng/certkeys.c:681:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(blobData + offset, xmlSecBnGetData(&p), length);
data/xmlsec1-1.2.30/src/mscng/certkeys.c:689:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(blobData + offset, xmlSecBnGetData(&g), length);
data/xmlsec1-1.2.30/src/mscng/certkeys.c:697:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(blobData + offset, xmlSecBnGetData(&y), length);
data/xmlsec1-1.2.30/src/mscng/certkeys.c:1252:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(xmlSecBufferGetData(&blob) + offset, xmlSecBnGetData(&exponent),
data/xmlsec1-1.2.30/src/mscng/certkeys.c:1256:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(xmlSecBufferGetData(&blob) + offset, xmlSecBnGetData(&modulus),
data/xmlsec1-1.2.30/src/mscng/ciphers.c:323:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
data/xmlsec1-1.2.30/src/mscng/ciphers.c:402:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->pbIV, iv, ctx->dwBlockLen);
data/xmlsec1-1.2.30/src/mscng/ciphers.c:417:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->pbIV, xmlSecBufferGetData(in), ctx->dwBlockLen);
data/xmlsec1-1.2.30/src/mscng/ciphers.c:542:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->authInfo.pbNonce, bufferPtr, xmlSecMSCngAesGcmNonceLengthInBytes);
data/xmlsec1-1.2.30/src/mscng/ciphers.c:557:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->authInfo.pbNonce, bufferPtr, xmlSecMSCngAesGcmNonceLengthInBytes);
data/xmlsec1-1.2.30/src/mscng/ciphers.c:1066:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(outBuf + inBufSize, ctx->authInfo.pbTag, xmlSecMSCngAesGcmTagLengthInBytes);
data/xmlsec1-1.2.30/src/mscng/ciphers.c:1072:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->authInfo.pbTag, inBuf + inBufSize - xmlSecMSCngAesGcmTagLengthInBytes,
data/xmlsec1-1.2.30/src/mscng/hmac.c:191:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            ctx->truncationLength = atoi((char*)content);
data/xmlsec1-1.2.30/src/mscng/kw_aes.c:142:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
data/xmlsec1-1.2.30/src/mscng/kw_aes.c:163:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/mscng/kw_aes.c:272:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
data/xmlsec1-1.2.30/src/mscng/kw_aes.c:293:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/mscng/kw_des.c:181:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, pbHash, outSize);
data/xmlsec1-1.2.30/src/mscng/kw_des.c:281:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
data/xmlsec1-1.2.30/src/mscng/kw_des.c:320:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/mscng/kw_des.c:331:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(xmlSecBufferGetData(&ivCopy), iv, ivSize);
data/xmlsec1-1.2.30/src/mscng/kw_des.c:446:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(xmlSecBufferGetData(&blob) + sizeof(BCRYPT_KEY_DATA_BLOB_HEADER),
data/xmlsec1-1.2.30/src/mscng/kw_des.c:485:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/mscng/x509vfy.c:820:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, "           E=", 13);
data/xmlsec1-1.2.30/src/mscrypto/certkeys.c:1232:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(pubKey->pubexp), xmlSecBnGetData(&exponent), xmlSecBnGetSize(&exponent));
data/xmlsec1-1.2.30/src/mscrypto/certkeys.c:1236:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(modulusBlob, xmlSecBnGetData(&modulus), xmlSecBnGetSize(&modulus));
data/xmlsec1-1.2.30/src/mscrypto/certkeys.c:1906:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, xmlSecBnGetData(&p), xmlSecBnGetSize(&p));
data/xmlsec1-1.2.30/src/mscrypto/certkeys.c:1916:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, xmlSecBnGetData(&q), xmlSecBnGetSize(&q));
data/xmlsec1-1.2.30/src/mscrypto/certkeys.c:1933:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, xmlSecBnGetData(&g), xmlSecBnGetSize(&g));
data/xmlsec1-1.2.30/src/mscrypto/certkeys.c:1949:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, xmlSecBnGetData(&y), xmlSecBnGetSize(&y));
data/xmlsec1-1.2.30/src/mscrypto/ciphers.c:196:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(outBuf, inBuf, inSize);
data/xmlsec1-1.2.30/src/mscrypto/ciphers.c:302:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(outBuf, inBuf, inSize);
data/xmlsec1-1.2.30/src/mscrypto/crypto.c:428:11:  [2] (buffer) MultiByteToWideChar:
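  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  [Note: to triage, confirm that XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE is the
  element count of errorTextW rather than its size in bytes; the declaration
  is not shown in this report.]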
    ret = MultiByteToWideChar(CP_ACP, 0, errorText, -1, errorTextW, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE);
data/xmlsec1-1.2.30/src/mscrypto/digests.c:43:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char   dgst[MSCRYPTO_MAX_HASH_SIZE];
data/xmlsec1-1.2.30/src/mscrypto/hmac.c:94:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char   dgst[XMLSEC_MSCRYPTO_MAX_HMAC_SIZE];
data/xmlsec1-1.2.30/src/mscrypto/hmac.c:299:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into a negative number;
  consider saving to an unsigned value if that is intended).
            ctx->dgstSize = atoi((char*)content);
data/xmlsec1-1.2.30/src/mscrypto/kw_aes.c:418:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/mscrypto/kw_aes.c:466:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/mscrypto/kw_des.c:565:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/mscrypto/kw_des.c:636:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, inSize);
data/xmlsec1-1.2.30/src/mscrypto/x509vfy.c:1100:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, "           E=", 13);
data/xmlsec1-1.2.30/src/nss/app.c:155:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(contents->data,  data, dataSize);
data/xmlsec1-1.2.30/src/nss/ciphers.c:126:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->iv, xmlSecBufferGetData(in), ivLen);
data/xmlsec1-1.2.30/src/nss/ciphers.c:514:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->key, xmlSecBufferGetData(buffer), ctx->keySize);
data/xmlsec1-1.2.30/src/nss/hmac.c:282:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into a negative number;
  consider saving to an unsigned value if that is intended).
            ctx->dgstSize = atoi((char*)content);
data/xmlsec1-1.2.30/src/nss/x509vfy.c:384:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, "           E=", 13);
data/xmlsec1-1.2.30/src/nss/x509vfy.c:590:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, name, nameLen);
data/xmlsec1-1.2.30/src/nss/x509vfy.c:614:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(p, value, valueLen);
data/xmlsec1-1.2.30/src/nss/x509vfy.c:628:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(p, value, valueLen);
data/xmlsec1-1.2.30/src/nss/x509vfy.c:698:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char bb[9];
data/xmlsec1-1.2.30/src/openssl/app.c:1234:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/xmlsec1-1.2.30/src/openssl/app.c:1261:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/xmlsec1-1.2.30/src/openssl/ciphers.c:132:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ctx->iv, xmlSecBufferGetData(in), ivLen);
data/xmlsec1-1.2.30/src/openssl/ciphers.c:420:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(ctx->pad, inBuf, inSize);
data/xmlsec1-1.2.30/src/openssl/ciphers.c:535:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(outBuf, tag, xmlSecOpenSSLAesGcmTagLengthInBytes);
data/xmlsec1-1.2.30/src/openssl/ciphers.c:546:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(tag, inBuf + inSize - xmlSecOpenSSLAesGcmTagLengthInBytes,
data/xmlsec1-1.2.30/src/openssl/ciphers.c:783:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ctx->key, xmlSecBufferGetData(buffer), cipherKeyLen);
data/xmlsec1-1.2.30/src/openssl/hmac.c:286:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into a negative number;
  consider saving to an unsigned value if that is intended).
            ctx->dgstSize = atoi((char*)content);
data/xmlsec1-1.2.30/src/openssl/signatures.c:155:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char                        dgst[EVP_MAX_MD_SIZE];
data/xmlsec1-1.2.30/src/openssl/x509.c:1987:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/xmlsec1-1.2.30/src/openssl/x509.c:2011:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/xmlsec1-1.2.30/src/openssl/x509vfy.c:344:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char subject[256], issuer[256];
data/xmlsec1-1.2.30/src/openssl/x509vfy.c:361:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char subject[256], issuer[256];
data/xmlsec1-1.2.30/src/relationship.c:687:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
           memcpy(data, xmlSecBufferGetData(out), outSize);
data/xmlsec1-1.2.30/src/templates.c:1448:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/xmlsec1-1.2.30/src/templates.c:1468:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%lu", (unsigned long)bitsLen);
data/xmlsec1-1.2.30/src/transforms.c:2067:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(data, xmlSecBufferGetData(&(transform->outBuf)), outSize);
data/xmlsec1-1.2.30/src/xmltree.c:1706:11:  [2] (buffer) MultiByteToWideChar:
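  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  [Note: this call passes a NULL output buffer with length 0, the size-query
  form of MultiByteToWideChar, which returns the required character count and
  writes nothing.]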
    ret = MultiByteToWideChar(CP_UTF8, 0, (LPCCH)str, -1, NULL, 0);
data/xmlsec1-1.2.30/src/xmltree.c:1720:11:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    ret = MultiByteToWideChar(CP_UTF8, 0, (LPCCH)str, -1, res, len);
data/xmlsec1-1.2.30/src/xmltree.c:1788:11:  [2] (buffer) MultiByteToWideChar:
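  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  [Note: this call passes a NULL output buffer with length 0, the size-query
  form of MultiByteToWideChar, which returns the required character count and
  writes nothing.]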
    ret = MultiByteToWideChar(CP_ACP, 0, str, -1, NULL, 0);
data/xmlsec1-1.2.30/src/xmltree.c:1802:11:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    ret = MultiByteToWideChar(CP_ACP, 0, str, -1, res, len);
data/xmlsec1-1.2.30/apps/cmdline.c:180:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t len = strlen(paramName);
data/xmlsec1-1.2.30/apps/cmdline.c:282:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            buf = (char*)malloc(strlen(value->strValue) + 2);
data/xmlsec1-1.2.30/apps/cmdline.c:284:88:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                fprintf(stderr, "Error: failed to allocate memory (%d bytes).\n", (int)strlen(value->strValue) + 2);
data/xmlsec1-1.2.30/apps/cmdline.c:287:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            memset(buf, 0, strlen(value->strValue) + 2);
data/xmlsec1-1.2.30/apps/cmdline.c:288:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            memcpy(buf, value->strValue, strlen(value->strValue));
data/xmlsec1-1.2.30/apps/crypto.c:118:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(files += strlen(files) + 1; (files[0] != '\0'); files += strlen(files) + 1) {
data/xmlsec1-1.2.30/apps/crypto.c:118:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(files += strlen(files) + 1; (files[0] != '\0'); files += strlen(files) + 1) {
data/xmlsec1-1.2.30/apps/crypto.c:128:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    files += strlen(files) + 1;
data/xmlsec1-1.2.30/apps/xmlsec.c:1945:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        for(p = value->strListValue; (p != NULL) && ((*p) != '\0'); p += strlen(p)) {
data/xmlsec1-1.2.30/apps/xmlsec.c:2933:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        string += strlen(string) + 1;
data/xmlsec1-1.2.30/examples/encrypt1.c:114:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(encrypt_file(argv[1], argv[2], secret_data, strlen(secret_data)) < 0) {
data/xmlsec1-1.2.30/examples/xmldsigverify.c:185:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(entry->d_name);
data/xmlsec1-1.2.30/src/mscng/app.c:55:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(config != NULL && strlen(config) > 0) {
data/xmlsec1-1.2.30/src/mscrypto/app.c:66:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (NULL != config && strlen(config) > 0) {
data/xmlsec1-1.2.30/src/nss/app.c:747:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pwditem.len = strlen(pwd)+1;
data/xmlsec1-1.2.30/src/openssl/app.c:625:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ret = PKCS12_verify_mac(p12, pwd, (pwd != NULL) ? (int)strlen(pwd) : 0);
data/xmlsec1-1.2.30/src/openssl/app.c:1324:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            return((int)strlen(buf));
data/xmlsec1-1.2.30/src/openssl/app.c:1354:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            return((int)strlen(buf));
data/xmlsec1-1.2.30/src/openssl/app.c:1377:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    passwordlen = (int)strlen(password);

ANALYSIS SUMMARY:

Hits = 142
Lines analyzed = 119924 in approximately 2.82 seconds (42577 lines/second)
Physical Source Lines of Code (SLOC) = 76194
Hits@level = [0] 880 [1]  19 [2] 114 [3]   1 [4]   8 [5]   0
Hits@level+ = [0+] 1022 [1+] 142 [2+] 123 [3+]   9 [4+]   8 [5+]   0
Hits/KSLOC@level+ = [0+] 13.4131 [1+] 1.86366 [2+] 1.6143 [3+] 0.11812 [4+] 0.104995 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.