The following issues were found
src/secp256k1/src/scalar_impl.h
4 issues
Line: 265
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
static void secp256k1_scalar_split_lambda_verify(const secp256k1_scalar *r1, const secp256k1_scalar *r2, const secp256k1_scalar *k) {
secp256k1_scalar s;
unsigned char buf1[32];
unsigned char buf2[32];
/* (a1 + a2 + 1)/2 is 0xa2a8918ca85bafe22016d0b917e4dd77 */
static const unsigned char k1_bound[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
Reported by FlawFinder.
Line: 266
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void secp256k1_scalar_split_lambda_verify(const secp256k1_scalar *r1, const secp256k1_scalar *r2, const secp256k1_scalar *k) {
secp256k1_scalar s;
unsigned char buf1[32];
unsigned char buf2[32];
/* (a1 + a2 + 1)/2 is 0xa2a8918ca85bafe22016d0b917e4dd77 */
static const unsigned char k1_bound[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xa2, 0xa8, 0x91, 0x8c, 0xa8, 0x5b, 0xaf, 0xe2, 0x20, 0x16, 0xd0, 0xb9, 0x17, 0xe4, 0xdd, 0x77
Reported by FlawFinder.
Line: 269
Column: 27
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char buf2[32];
/* (a1 + a2 + 1)/2 is 0xa2a8918ca85bafe22016d0b917e4dd77 */
static const unsigned char k1_bound[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xa2, 0xa8, 0x91, 0x8c, 0xa8, 0x5b, 0xaf, 0xe2, 0x20, 0x16, 0xd0, 0xb9, 0x17, 0xe4, 0xdd, 0x77
};
/* (-b1 + b2)/2 + 1 is 0x8a65287bd47179fb2be08846cea267ed */
Reported by FlawFinder.
Line: 275
Column: 27
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
/* (-b1 + b2)/2 + 1 is 0x8a65287bd47179fb2be08846cea267ed */
static const unsigned char k2_bound[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x8a, 0x65, 0x28, 0x7b, 0xd4, 0x71, 0x79, 0xfb, 0x2b, 0xe0, 0x88, 0x46, 0xce, 0xa2, 0x67, 0xed
};
secp256k1_scalar_mul(&s, &secp256k1_const_lambda, r2);
Reported by FlawFinder.
test/functional/test_framework/segwit_addr.py
4 issues
Line: 39
Column: 5
def bech32_verify_checksum(hrp, data):
"""Verify a checksum given HRP and converted data characters."""
check = bech32_polymod(bech32_hrp_expand(hrp) + data)
if check == BECH32_CONST:
return Encoding.BECH32
elif check == BECH32M_CONST:
return Encoding.BECH32M
else:
return None
Reported by Pylint.
Line: 114
Column: 1
return (None, None)
if data[0] == 0 and len(decoded) != 20 and len(decoded) != 32:
return (None, None)
if (data[0] == 0 and encoding != Encoding.BECH32) or (data[0] != 0 and encoding != Encoding.BECH32M):
return (None, None)
return (data[0], decoded)
def encode_segwit_address(hrp, witver, witprog):
Reported by Pylint.
Line: 127
Column: 1
return None
return ret
class TestFrameworkScript(unittest.TestCase):
def test_segwit_encode_decode(self):
def test_python_bech32(addr):
hrp = addr[:4]
self.assertEqual(hrp, "bcrt")
(witver, witprog) = decode_segwit_address(hrp, addr)
Reported by Pylint.
Line: 128
Column: 5
return ret
class TestFrameworkScript(unittest.TestCase):
def test_segwit_encode_decode(self):
def test_python_bech32(addr):
hrp = addr[:4]
self.assertEqual(hrp, "bcrt")
(witver, witprog) = decode_segwit_address(hrp, addr)
self.assertEqual(encode_segwit_address(hrp, witver, witprog), addr)
Reported by Pylint.
test/functional/feature_shutdown.py
4 issues
Line: 9
Column: 1
from test_framework.test_framework import BitcoinTestFramework
from test_framework.util import assert_equal, get_rpc_proxy
from threading import Thread
def test_long_call(node):
block = node.waitfornewblock()
assert_equal(block['height'], 0)
Reported by Pylint.
Line: 11
Column: 1
from test_framework.util import assert_equal, get_rpc_proxy
from threading import Thread
def test_long_call(node):
block = node.waitfornewblock()
assert_equal(block['height'], 0)
class ShutdownTest(BitcoinTestFramework):
Reported by Pylint.
Line: 15
Column: 1
block = node.waitfornewblock()
assert_equal(block['height'], 0)
class ShutdownTest(BitcoinTestFramework):
def set_test_params(self):
self.setup_clean_chain = True
self.num_nodes = 1
self.supports_cli = False
Reported by Pylint.
Line: 23
Column: 1
self.supports_cli = False
def run_test(self):
node = get_rpc_proxy(self.nodes[0].url, 1, timeout=600, coveragedir=self.nodes[0].coverage_dir)
# Force connection establishment by executing a dummy command.
node.getblockcount()
Thread(target=test_long_call, args=(node,)).start()
# Wait until the server is executing the above `waitfornewblock`.
self.wait_until(lambda: len(self.nodes[0].getrpcinfo()['active_commands']) == 2)
Reported by Pylint.
src/crypto/hmac_sha512.cpp
4 issues
Line: 11
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
CHMAC_SHA512::CHMAC_SHA512(const unsigned char* key, size_t keylen)
{
unsigned char rkey[128];
if (keylen <= 128) {
memcpy(rkey, key, keylen);
memset(rkey + keylen, 0, 128 - keylen);
} else {
CSHA512().Write(key, keylen).Finalize(rkey);
Reported by FlawFinder.
Line: 13
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
unsigned char rkey[128];
if (keylen <= 128) {
memcpy(rkey, key, keylen);
memset(rkey + keylen, 0, 128 - keylen);
} else {
CSHA512().Write(key, keylen).Finalize(rkey);
memset(rkey + 64, 0, 64);
}
Reported by FlawFinder.
Line: 29
Column: 38
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
inner.Write(rkey, 128);
}
void CHMAC_SHA512::Finalize(unsigned char hash[OUTPUT_SIZE])
{
unsigned char temp[64];
inner.Finalize(temp);
outer.Write(temp, 64).Finalize(hash);
}
Reported by FlawFinder.
Line: 31
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void CHMAC_SHA512::Finalize(unsigned char hash[OUTPUT_SIZE])
{
unsigned char temp[64];
inner.Finalize(temp);
outer.Write(temp, 64).Finalize(hash);
}
Reported by FlawFinder.
src/crypto/hmac_sha256.cpp
4 issues
Line: 11
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
CHMAC_SHA256::CHMAC_SHA256(const unsigned char* key, size_t keylen)
{
unsigned char rkey[64];
if (keylen <= 64) {
memcpy(rkey, key, keylen);
memset(rkey + keylen, 0, 64 - keylen);
} else {
CSHA256().Write(key, keylen).Finalize(rkey);
Reported by FlawFinder.
Line: 13
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
unsigned char rkey[64];
if (keylen <= 64) {
memcpy(rkey, key, keylen);
memset(rkey + keylen, 0, 64 - keylen);
} else {
CSHA256().Write(key, keylen).Finalize(rkey);
memset(rkey + 32, 0, 32);
}
Reported by FlawFinder.
Line: 29
Column: 38
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
inner.Write(rkey, 64);
}
void CHMAC_SHA256::Finalize(unsigned char hash[OUTPUT_SIZE])
{
unsigned char temp[32];
inner.Finalize(temp);
outer.Write(temp, 32).Finalize(hash);
}
Reported by FlawFinder.
Line: 31
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void CHMAC_SHA256::Finalize(unsigned char hash[OUTPUT_SIZE])
{
unsigned char temp[32];
inner.Finalize(temp);
outer.Write(temp, 32).Finalize(hash);
}
Reported by FlawFinder.
src/leveldb/util/coding.cc
4 issues
Line: 10
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
namespace leveldb {
void PutFixed32(std::string* dst, uint32_t value) {
char buf[sizeof(value)];
EncodeFixed32(buf, value);
dst->append(buf, sizeof(buf));
}
void PutFixed64(std::string* dst, uint64_t value) {
Reported by FlawFinder.
Line: 16
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
void PutFixed64(std::string* dst, uint64_t value) {
char buf[sizeof(value)];
EncodeFixed64(buf, value);
dst->append(buf, sizeof(buf));
}
char* EncodeVarint32(char* dst, uint32_t v) {
Reported by FlawFinder.
Line: 50
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
void PutVarint32(std::string* dst, uint32_t v) {
char buf[5];
char* ptr = EncodeVarint32(buf, v);
dst->append(buf, ptr - buf);
}
char* EncodeVarint64(char* dst, uint64_t v) {
Reported by FlawFinder.
Line: 67
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
void PutVarint64(std::string* dst, uint64_t v) {
char buf[10];
char* ptr = EncodeVarint64(buf, v);
dst->append(buf, ptr - buf);
}
void PutLengthPrefixedSlice(std::string* dst, const Slice& value) {
Reported by FlawFinder.
src/secp256k1/src/modules/extrakeys/main_impl.h
4 issues
Line: 59
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
int secp256k1_xonly_pubkey_cmp(const secp256k1_context* ctx, const secp256k1_xonly_pubkey* pk0, const secp256k1_xonly_pubkey* pk1) {
unsigned char out[2][32];
const secp256k1_xonly_pubkey* pk[2];
int i;
VERIFY_CHECK(ctx != NULL);
pk[0] = pk0; pk[1] = pk1;
Reported by FlawFinder.
Line: 137
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int secp256k1_xonly_pubkey_tweak_add_check(const secp256k1_context* ctx, const unsigned char *tweaked_pubkey32, int tweaked_pk_parity, const secp256k1_xonly_pubkey *internal_pubkey, const unsigned char *tweak32) {
secp256k1_ge pk;
unsigned char pk_expected32[32];
VERIFY_CHECK(ctx != NULL);
ARG_CHECK(secp256k1_ecmult_context_is_built(&ctx->ecmult_ctx));
ARG_CHECK(internal_pubkey != NULL);
ARG_CHECK(tweaked_pubkey32 != NULL);
Reported by FlawFinder.
Line: 221
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memset(seckey, 0, 32);
ARG_CHECK(keypair != NULL);
memcpy(seckey, &keypair->data[0], 32);
return 1;
}
int secp256k1_keypair_pub(const secp256k1_context* ctx, secp256k1_pubkey *pubkey, const secp256k1_keypair *keypair) {
VERIFY_CHECK(ctx != NULL);
Reported by FlawFinder.
Line: 231
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memset(pubkey, 0, sizeof(*pubkey));
ARG_CHECK(keypair != NULL);
memcpy(pubkey->data, &keypair->data[32], sizeof(*pubkey));
return 1;
}
int secp256k1_keypair_xonly_pub(const secp256k1_context* ctx, secp256k1_xonly_pubkey *pubkey, int *pk_parity, const secp256k1_keypair *keypair) {
secp256k1_ge pk;
Reported by FlawFinder.
src/secp256k1/src/bench_verify.c
4 issues
Line: 23
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct {
secp256k1_context *ctx;
unsigned char msg[32];
unsigned char key[32];
unsigned char sig[72];
size_t siglen;
unsigned char pubkey[33];
size_t pubkeylen;
Reported by FlawFinder.
Line: 24
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct {
secp256k1_context *ctx;
unsigned char msg[32];
unsigned char key[32];
unsigned char sig[72];
size_t siglen;
unsigned char pubkey[33];
size_t pubkeylen;
#ifdef ENABLE_OPENSSL_TESTS
Reported by FlawFinder.
Line: 25
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
secp256k1_context *ctx;
unsigned char msg[32];
unsigned char key[32];
unsigned char sig[72];
size_t siglen;
unsigned char pubkey[33];
size_t pubkeylen;
#ifdef ENABLE_OPENSSL_TESTS
EC_GROUP* ec_group;
Reported by FlawFinder.
Line: 27
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char key[32];
unsigned char sig[72];
size_t siglen;
unsigned char pubkey[33];
size_t pubkeylen;
#ifdef ENABLE_OPENSSL_TESTS
EC_GROUP* ec_group;
#endif
} bench_verify_data;
Reported by FlawFinder.
src/leveldb/util/coding.h
4 issues
Line: 68
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (port::kLittleEndian) {
// Fast path for little-endian CPUs. All major compilers optimize this to a
// single mov (x86_64) / str (ARM) instruction.
std::memcpy(buffer, &value, sizeof(uint32_t));
return;
}
// Platform-independent code.
// Currently, only gcc optimizes this to a single mov / str instruction.
Reported by FlawFinder.
Line: 86
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (port::kLittleEndian) {
// Fast path for little-endian CPUs. All major compilers optimize this to a
// single mov (x86_64) / str (ARM) instruction.
std::memcpy(buffer, &value, sizeof(uint64_t));
return;
}
// Platform-independent code.
// Currently, only gcc optimizes this to a single mov / str instruction.
Reported by FlawFinder.
Line: 112
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// Fast path for little-endian CPUs. All major compilers optimize this to a
// single mov (x86_64) / ldr (ARM) instruction.
uint32_t result;
std::memcpy(&result, buffer, sizeof(uint32_t));
return result;
}
// Platform-independent code.
// Clang and gcc optimize this to a single mov / ldr instruction.
Reported by FlawFinder.
Line: 131
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// Fast path for little-endian CPUs. All major compilers optimize this to a
// single mov (x86_64) / ldr (ARM) instruction.
uint64_t result;
std::memcpy(&result, buffer, sizeof(uint64_t));
return result;
}
// Platform-independent code.
// Clang and gcc optimize this to a single mov / ldr instruction.
Reported by FlawFinder.
src/secp256k1/src/bench_internal.c
4 issues
Line: 26
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
secp256k1_fe fe[4];
secp256k1_ge ge[2];
secp256k1_gej gej[2];
unsigned char data[64];
int wnaf[256];
} bench_inv;
void bench_setup(void* arg) {
bench_inv *data = (bench_inv*)arg;
Reported by FlawFinder.
Line: 33
Column: 27
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void bench_setup(void* arg) {
bench_inv *data = (bench_inv*)arg;
static const unsigned char init[4][32] = {
/* Initializer for scalar[0], fe[0], first half of data, the X coordinate of ge[0],
and the (implied affine) X coordinate of gej[0]. */
{
0x02, 0x03, 0x05, 0x07, 0x0b, 0x0d, 0x11, 0x13,
0x17, 0x1d, 0x1f, 0x25, 0x29, 0x2b, 0x2f, 0x35,
Reported by FlawFinder.
Line: 78
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
secp256k1_gej_rescale(&data->gej[0], &data->fe[2]);
secp256k1_gej_set_ge(&data->gej[1], &data->ge[1]);
secp256k1_gej_rescale(&data->gej[1], &data->fe[3]);
memcpy(data->data, init[0], 32);
memcpy(data->data + 32, init[1], 32);
}
void bench_scalar_add(void* arg, int iters) {
int i, j = 0;
Reported by FlawFinder.
Line: 79
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
secp256k1_gej_set_ge(&data->gej[1], &data->ge[1]);
secp256k1_gej_rescale(&data->gej[1], &data->fe[3]);
memcpy(data->data, init[0], 32);
memcpy(data->data + 32, init[1], 32);
}
void bench_scalar_add(void* arg, int iters) {
int i, j = 0;
bench_inv *data = (bench_inv*)arg;
Reported by FlawFinder.