Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xxhash-0.8.0/tests/bench/benchHash.c
Examining data/xxhash-0.8.0/tests/bench/benchHash.h
Examining data/xxhash-0.8.0/tests/bench/benchfn.c
Examining data/xxhash-0.8.0/tests/bench/benchfn.h
Examining data/xxhash-0.8.0/tests/bench/bhDisplay.c
Examining data/xxhash-0.8.0/tests/bench/bhDisplay.h
Examining data/xxhash-0.8.0/tests/bench/hashes.h
Examining data/xxhash-0.8.0/tests/bench/main.c
Examining data/xxhash-0.8.0/tests/bench/timefn.c
Examining data/xxhash-0.8.0/tests/bench/timefn.h
Examining data/xxhash-0.8.0/tests/collisions/allcodecs/dummy.c
Examining data/xxhash-0.8.0/tests/collisions/allcodecs/dummy.h
Examining data/xxhash-0.8.0/tests/collisions/hashes.h
Examining data/xxhash-0.8.0/tests/collisions/main.c
Examining data/xxhash-0.8.0/tests/collisions/pool.c
Examining data/xxhash-0.8.0/tests/collisions/pool.h
Examining data/xxhash-0.8.0/tests/collisions/sort.cc
Examining data/xxhash-0.8.0/tests/collisions/threading.c
Examining data/xxhash-0.8.0/tests/collisions/threading.h
Examining data/xxhash-0.8.0/tests/generate_unicode_test.c
Examining data/xxhash-0.8.0/tests/multiInclude.c
Examining data/xxhash-0.8.0/tests/ppc_define.c
Examining data/xxhash-0.8.0/xxh3.h
Examining data/xxhash-0.8.0/xxh_x86dispatch.c
Examining data/xxhash-0.8.0/xxh_x86dispatch.h
Examining data/xxhash-0.8.0/xxhash.c
Examining data/xxhash-0.8.0/xxhash.h
Examining data/xxhash-0.8.0/xxhsum.c
FINAL RESULTS:
data/xxhash-0.8.0/tests/bench/benchfn.c:41:30: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define DISPLAY(...) fprintf(stderr, __VA_ARGS__)
data/xxhash-0.8.0/tests/collisions/main.c:62:21: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define EXIT(...) { printf(__VA_ARGS__); printf("\n"); exit(1); }
data/xxhash-0.8.0/tests/collisions/main.c:587:37: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DISPLAY(...) { if (display) printf(__VA_ARGS__); }
data/xxhash-0.8.0/xxhsum.c:493:30: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DISPLAY(...) fprintf(stderr, __VA_ARGS__)
data/xxhash-0.8.0/xxhsum.c:494:30: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DISPLAYRESULT(...) fprintf(stdout, __VA_ARGS__)
data/xxhash-0.8.0/tests/bench/bhDisplay.c:122:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned)s); /* ensure random sequence of length will be the same for a given s */
data/xxhash-0.8.0/tests/bench/bhDisplay.c:145:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned)s); /* ensure random sequence of length will be the same for a given s */
data/xxhash-0.8.0/tests/collisions/threading.h:49:52: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
#define ZSTD_pthread_mutex_init(a, b) ((void)(b), InitializeCriticalSection((a)), 0)
data/xxhash-0.8.0/tests/collisions/threading.h:51:40: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
#define ZSTD_pthread_mutex_lock(a) EnterCriticalSection((a))
data/xxhash-0.8.0/tests/bench/benchHash.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dstBuffer_static[FAKE_DSTSIZE] = {0};
data/xxhash-0.8.0/tests/bench/benchfn.c:170:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char check_size[ 2 * (sizeof(BMK_timedFnState_shell) >= sizeof(struct BMK_timedFnState_s)) - 1]; /* static assert : a compilation failure indicates that BMK_timedFnState_shell is not large enough */
data/xxhash-0.8.0/tests/bench/benchfn.h:173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char never_access_space[BMK_TIMEDFNSTATE_SIZE];
data/xxhash-0.8.0/tests/collisions/main.c:193:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr+start, &val32, sizeof(val32));
data/xxhash-0.8.0/tests/collisions/main.c:505:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char delayString[50];
data/xxhash-0.8.0/tests/collisions/main.c:513:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (h) sprintf(p, "%i h ", h);
data/xxhash-0.8.0/tests/collisions/main.c:516:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "%i mn ", mn);
data/xxhash-0.8.0/tests/collisions/main.c:519:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "%is ", sec);
data/xxhash-0.8.0/tests/collisions/pool.c:214:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(threadPool, ctx->threads, ctx->threadCapacity * sizeof(*threadPool));
data/xxhash-0.8.0/tests/generate_unicode_test.c:70:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(FILENAME, "wb"))) return 1;
data/xxhash-0.8.0/tests/generate_unicode_test.c:76:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(checksum = fopen("unicode_test.xxh64", "wb")))
data/xxhash-0.8.0/tests/generate_unicode_test.c:85:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(script = fopen("unicode_test.bat", "wb")))
data/xxhash-0.8.0/tests/generate_unicode_test.c:114:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(script = fopen("unicode_test.sh", "wb")))
data/xxhash-0.8.0/xxhash.h:354:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef struct { unsigned char digest[4]; } XXH32_canonical_t;
data/xxhash-0.8.0/xxhash.h:399:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef struct { unsigned char digest[sizeof(XXH64_hash_t)]; } XXH64_canonical_t;
data/xxhash-0.8.0/xxhash.h:588:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef struct { unsigned char digest[sizeof(XXH128_hash_t)]; } XXH128_canonical_t;
data/xxhash-0.8.0/xxhash.h:666:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XXH_ALIGN_MEMBER(64, unsigned char customSecret[XXH3_SECRET_DEFAULT_SIZE]);
data/xxhash-0.8.0/xxhash.h:667:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XXH_ALIGN_MEMBER(64, unsigned char buffer[XXH3_INTERNALBUFFER_SIZE]);
data/xxhash-0.8.0/xxhash.h:916:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return memcpy(dest,src,size);
data/xxhash-0.8.0/xxhash.h:1428:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstState, srcState, sizeof(*dstState));
data/xxhash-0.8.0/xxhash.h:1440:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(statePtr, &state, sizeof(state) - sizeof(state.reserved));
data/xxhash-0.8.0/xxhash.h:1547:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, &hash, sizeof(*dst));
data/xxhash-0.8.0/xxhash.h:1969:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstState, srcState, sizeof(*dstState));
data/xxhash-0.8.0/xxhash.h:1981:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(statePtr, &state, sizeof(state) - sizeof(state.reserved64));
data/xxhash-0.8.0/xxhash.h:2077:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, &hash, sizeof(*dst));
data/xxhash-0.8.0/xxhash.h:2451:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ret, ptr, sizeof(xxh_u64x2));
data/xxhash-0.8.0/xxhash.h:2986:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, &v64, sizeof(v64));
data/xxhash-0.8.0/xxhash.h:3968:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst_state, src_state, sizeof(*dst_state));
data/xxhash-0.8.0/xxhash.h:4112:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->buffer + sizeof(state->buffer) - XXH_STRIPE_LEN, input - XXH_STRIPE_LEN, XXH_STRIPE_LEN);
data/xxhash-0.8.0/xxhash.h:4141:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(acc, state->acc, sizeof(state->acc));
data/xxhash-0.8.0/xxhash.h:4158:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lastStripe, state->buffer + sizeof(state->buffer) - catchupSize, catchupSize);
data/xxhash-0.8.0/xxhash.h:4159:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lastStripe + catchupSize, state->buffer, state->bufferedSize);
data/xxhash-0.8.0/xxhash.h:4191:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secretBuffer, XXH3_kSecret, XXH_SECRET_DEFAULT_SIZE);
data/xxhash-0.8.0/xxhash.h:4210:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(seeds, customSeed, toFill);
data/xxhash-0.8.0/xxhash.h:4213:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)seeds + filled, seeds, toFill);
data/xxhash-0.8.0/xxhash.h:4218:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secretBuffer, &scrambler, sizeof(scrambler));
data/xxhash-0.8.0/xxhash.h:4224:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)secretBuffer + segmentStart, &segment, sizeof(segment));
data/xxhash-0.8.0/xxhash.h:4738:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, &hash.high64, sizeof(hash.high64));
data/xxhash-0.8.0/xxhash.h:4739:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)dst + sizeof(hash.high64), &hash.low64, sizeof(hash.low64));
data/xxhash-0.8.0/xxhsum.c:142:21: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int const len = MultiByteToWideChar(CP_UTF8, 0, str, -1, NULL, 0);
data/xxhash-0.8.0/xxhsum.c:147:17: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
if (MultiByteToWideChar(CP_UTF8, 0, str, -1, buf, len) == 0) {
data/xxhash-0.8.0/xxhsum.c:303:37: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define XXH_fopen(filename, mode) fopen(filename, mode)
data/xxhash-0.8.0/xxhsum.c:567:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, s1, len1);
data/xxhash-0.8.0/xxhsum.c:569:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len1, s2, len2 + 1);
data/xxhash-0.8.0/xxhsum.c:708:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char g_testIDs[NB_TESTFUNC] = { 0 };
data/xxhash-0.8.0/xxhsum.c:709:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char k_testIDs_default[NB_TESTFUNC] = { 0,
data/xxhash-0.8.0/tests/bench/main.c:85:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t const comSize = strlen(longCommand);
data/xxhash-0.8.0/tests/bench/main.c:100:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t const comSize = strlen(longCommand);
data/xxhash-0.8.0/tests/bench/main.c:144:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hname) != strlen(hashCandidates[id].name)) continue;
data/xxhash-0.8.0/tests/bench/main.c:144:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hname) != strlen(hashCandidates[id].name)) continue;
data/xxhash-0.8.0/tests/collisions/main.c:515:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = delayString + strlen(delayString);
data/xxhash-0.8.0/tests/collisions/main.c:518:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = delayString + strlen(delayString);
data/xxhash-0.8.0/tests/collisions/main.c:942:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t const comSize = strlen(longCommand);
data/xxhash-0.8.0/xxhsum.c:562:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ size_t len1 = strlen(s1);
data/xxhash-0.8.0/xxhsum.c:563:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen(s2);
data/xxhash-0.8.0/xxhsum.c:1765:23: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const int c = fgetc(inFile);
data/xxhash-0.8.0/xxhsum.c:1885:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hash_len = strlen(hash_ptr);
ANALYSIS SUMMARY:
Hits = 66
Lines analyzed = 12082 in approximately 0.35 seconds (35018 lines/second)
Physical Source Lines of Code (SLOC) = 7303
Hits@level = [0] 101 [1] 11 [2] 46 [3] 4 [4] 5 [5] 0
Hits@level+ = [0+] 167 [1+] 66 [2+] 55 [3+] 9 [4+] 5 [5+] 0
Hits/KSLOC@level+ = [0+] 22.8673 [1+] 9.03738 [2+] 7.53115 [3+] 1.23237 [4+] 0.68465 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.