The following issues were found
git-p4.py
209 issues
Line: 273
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
cli = [os.path.join(exe_path, "SH.EXE")] + cli
else:
use_shell = True
return subprocess.call(cli, shell=use_shell)
def write_pipe(c, stdin):
if verbose:
sys.stderr.write('Writing pipe: %s\n' % str(c))
Reported by Bandit.
Line: 281
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
sys.stderr.write('Writing pipe: %s\n' % str(c))
expand = not isinstance(c, list)
p = subprocess.Popen(c, stdin=subprocess.PIPE, shell=expand)
pipe = p.stdin
val = pipe.write(stdin)
pipe.close()
if p.wait():
die('Command failed: %s' % str(c))
Reported by Bandit.
Line: 305
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
sys.stderr.write('Reading pipe: %s\n' % str(c))
expand = not isinstance(c, list)
p = subprocess.Popen(c, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=expand)
(out, err) = p.communicate()
return (p.returncode, out, decode_text_stream(err))
def read_pipe(c, ignore_error=False, raw=False):
""" Read output from command. Returns the output text on
Reported by Bandit.
Line: 345
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
sys.stderr.write('Reading pipe: %s\n' % str(c))
expand = not isinstance(c, list)
p = subprocess.Popen(c, stdout=subprocess.PIPE, shell=expand)
pipe = p.stdout
val = [decode_text_stream(line) for line in pipe.readlines()]
if pipe.close() or p.wait():
die('Command failed: %s' % str(c))
return val
Reported by Bandit.
Line: 390
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
expand = not isinstance(cmd, list)
if verbose:
sys.stderr.write("executing %s\n" % str(cmd))
retcode = subprocess.call(cmd, shell=expand)
if retcode and not ignore_error:
raise CalledProcessError(retcode, cmd)
return retcode
Reported by Bandit.
Line: 400
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
"""Specifically invoke p4 as the system command. """
real_cmd = p4_build_cmd(cmd)
expand = not isinstance(real_cmd, list)
retcode = subprocess.call(real_cmd, shell=expand)
if retcode:
raise CalledProcessError(retcode, real_cmd)
def die_bad_access(s):
die("failure accessing depot: {0}".format(s.rstrip()))
Reported by Bandit.
Line: 758
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
stdin_file.seek(0)
p4 = subprocess.Popen(cmd,
shell=expand,
stdin=stdin_file,
stdout=subprocess.PIPE)
result = []
try:
Reported by Bandit.
Line: 2085
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b605_start_process_with_a_shell.html
if verbose:
print("TryPatch: %s" % tryPatchCmd)
if os.system(tryPatchCmd) != 0:
fixed_rcs_keywords = False
patch_succeeded = False
print("Unfortunately applying the change failed!")
# Patch failed, maybe it's just RCS keyword woes. Look through
Reported by Bandit.
Line: 2122
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b605_start_process_with_a_shell.html
if fixed_rcs_keywords:
print("Retrying the patch with RCS keywords cleaned up")
if os.system(tryPatchCmd) == 0:
patch_succeeded = True
print("Patch succeesed this time with RCS keywords cleaned")
if not patch_succeeded:
for f in editedFiles:
Reported by Bandit.
Line: 14
Column: 1
# pylint: disable=no-self-use,wrong-import-position,consider-iterating-dictionary
# pylint: disable=wrong-import-order,unused-import,too-few-public-methods
# pylint: disable=too-many-lines,ungrouped-imports,fixme,too-many-locals
# pylint: disable=line-too-long,bad-whitespace,superfluous-parens
# pylint: disable=too-many-statements,too-many-instance-attributes
# pylint: disable=too-many-branches,too-many-nested-blocks
#
import sys
if sys.version_info.major < 3 and sys.version_info.minor < 7:
Reported by Pylint.
compat/mingw.c
90 issues
Line: 818
Column: 22
CWE codes:
362
20
Suggestion:
Reconsider approach
(findbuf.dwReserved0 == IO_REPARSE_TAG_SYMLINK)) {
if (follow) {
char buffer[MAXIMUM_REPARSE_DATA_BUFFER_SIZE];
buf->st_size = readlink(file_name, buffer, MAXIMUM_REPARSE_DATA_BUFFER_SIZE);
} else {
buf->st_mode = S_IFLNK;
}
buf->st_mode |= S_IREAD;
if (!(findbuf.dwFileAttributes & FILE_ATTRIBUTE_READONLY))
Reported by FlawFinder.
Line: 2774
CWE codes:
772
static char *wcstoutfdup_startup(char *buffer, const wchar_t *wcs, size_t len)
{
len = xwcstoutf(buffer, wcs, len) + 1;
return memcpy(malloc_startup(len), buffer, len);
}
static void maybe_redirect_std_handle(const wchar_t *key, DWORD std_id, int fd,
DWORD desired_access, DWORD flags)
{
Reported by Cppcheck.
Line: 2774
CWE codes:
772
static char *wcstoutfdup_startup(char *buffer, const wchar_t *wcs, size_t len)
{
len = xwcstoutf(buffer, wcs, len) + 1;
return memcpy(malloc_startup(len), buffer, len);
}
static void maybe_redirect_std_handle(const wchar_t *key, DWORD std_id, int fd,
DWORD desired_access, DWORD flags)
{
Reported by Cppcheck.
Line: 199
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_list args;
va_start(args, format);
vsnprintf(question, sizeof(question), format, args);
va_end(args);
if ((retry_hook[0] = mingw_getenv("GIT_ASK_YESNO"))) {
retry_hook[1] = question;
return !run_command_v_opt(retry_hook, 0);
Reported by FlawFinder.
Line: 323
Column: 2
CWE codes:
120
Suggestion:
Consider using a function version that stops copying at the end of the buffer
WIN32_FIND_DATAW findbuf;
HANDLE handle;
wchar_t wbuf[MAX_PATH + 2];
wcscpy(wbuf, wpath);
wcscat(wbuf, L"\\*");
handle = FindFirstFileW(wbuf, &findbuf);
if (handle == INVALID_HANDLE_VALUE)
return GetLastError() == ERROR_NO_MORE_FILES;
Reported by FlawFinder.
Line: 628
Column: 15
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (xutftowcs(wotype, otype, ARRAY_SIZE(wotype)) < 0)
return NULL;
if (hide && !access(filename, F_OK) && set_hidden_flag(wfilename, 0)) {
error("could not unhide %s", filename);
return NULL;
}
file = _wfopen(wfilename, wotype);
if (!file && GetLastError() == ERROR_INVALID_NAME)
Reported by FlawFinder.
Line: 657
Column: 15
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (xutftowcs(wotype, otype, ARRAY_SIZE(wotype)) < 0)
return NULL;
if (hide && !access(filename, F_OK) && set_hidden_flag(wfilename, 0)) {
error("could not unhide %s", filename);
return NULL;
}
file = _wfreopen(wfilename, wotype, stream);
if (file && hide && set_hidden_flag(wfilename, 1))
Reported by FlawFinder.
Line: 1044
Column: 19
CWE codes:
377
int mkstemp(char *template)
{
char *filename = mktemp(template);
if (filename == NULL)
return -1;
return open(filename, O_RDWR | O_CREAT, 0600);
}
Reported by FlawFinder.
Line: 1616
Column: 15
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
free(quoted);
}
strace_env = getenv("GIT_STRACE_COMMANDS");
if (strace_env) {
char *p = path_lookup("strace.exe", 1);
if (!p)
return error("strace not found!");
if (xutftowcs_path(wcmd, p) < 0) {
Reported by FlawFinder.
Line: 1692
Column: 8
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
*/
!(err == ERROR_INVALID_PARAMETER &&
GetVersion() >> 16 < 9200) &&
!getenv("SUPPRESS_HANDLE_INHERITANCE_WARNING")) {
DWORD fl = 0;
int i;
setenv("SUPPRESS_HANDLE_INHERITANCE_WARNING", "1", 1);
Reported by FlawFinder.
http.c
71 issues
Line: 1151
}
#endif
if (curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK)
die("curl_global_init failed");
http_proactive_auth = proactive_auth;
if (remote && remote->http_proxy)
Reported by Cppcheck.
Line: 553
Column: 39
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
set_proxyauth_name_password(result);
}
var_override(&http_proxy_authmethod, getenv("GIT_HTTP_PROXY_AUTHMETHOD"));
#if LIBCURL_VERSION_NUM >= 0x070a07 /* CURLOPT_PROXYAUTH and CURLAUTH_ANY */
if (http_proxy_authmethod) {
int i;
for (i = 0; i < ARRAY_SIZE(proxy_authmethods); i++) {
Reported by FlawFinder.
Line: 917
Column: 6
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (http_proactive_auth)
init_curl_http_auth(result);
if (getenv("GIT_SSL_VERSION"))
ssl_version = getenv("GIT_SSL_VERSION");
if (ssl_version && *ssl_version) {
int i;
for (i = 0; i < ARRAY_SIZE(sslversions); i++) {
if (!strcmp(ssl_version, sslversions[i].name)) {
Reported by FlawFinder.
Line: 918
Column: 17
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
init_curl_http_auth(result);
if (getenv("GIT_SSL_VERSION"))
ssl_version = getenv("GIT_SSL_VERSION");
if (ssl_version && *ssl_version) {
int i;
for (i = 0; i < ARRAY_SIZE(sslversions); i++) {
if (!strcmp(ssl_version, sslversions[i].name)) {
curl_easy_setopt(result, CURLOPT_SSLVERSION,
Reported by FlawFinder.
Line: 933
Column: 6
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
ssl_version);
}
if (getenv("GIT_SSL_CIPHER_LIST"))
ssl_cipherlist = getenv("GIT_SSL_CIPHER_LIST");
if (ssl_cipherlist != NULL && *ssl_cipherlist)
curl_easy_setopt(result, CURLOPT_SSL_CIPHER_LIST,
ssl_cipherlist);
Reported by FlawFinder.
Line: 934
Column: 20
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
}
if (getenv("GIT_SSL_CIPHER_LIST"))
ssl_cipherlist = getenv("GIT_SSL_CIPHER_LIST");
if (ssl_cipherlist != NULL && *ssl_cipherlist)
curl_easy_setopt(result, CURLOPT_SSL_CIPHER_LIST,
ssl_cipherlist);
if (ssl_cert != NULL)
Reported by FlawFinder.
Line: 991
Column: 6
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
#else
warning(_("Protocol restrictions not supported with cURL < 7.19.4"));
#endif
if (getenv("GIT_CURL_VERBOSE"))
http_trace_curl_no_data();
setup_curl_trace(result);
if (getenv("GIT_TRACE_CURL_NO_DATA"))
trace_curl_data = 0;
if (!git_env_bool("GIT_TRACE_REDACT", 1))
Reported by FlawFinder.
Line: 994
Column: 6
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (getenv("GIT_CURL_VERBOSE"))
http_trace_curl_no_data();
setup_curl_trace(result);
if (getenv("GIT_TRACE_CURL_NO_DATA"))
trace_curl_data = 0;
if (!git_env_bool("GIT_TRACE_REDACT", 1))
trace_curl_redact = 0;
curl_easy_setopt(result, CURLOPT_USERAGENT,
Reported by FlawFinder.
Line: 1024
Column: 35
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
*/
if (!curl_http_proxy) {
if (http_auth.protocol && !strcmp(http_auth.protocol, "https")) {
var_override(&curl_http_proxy, getenv("HTTPS_PROXY"));
var_override(&curl_http_proxy, getenv("https_proxy"));
} else {
var_override(&curl_http_proxy, getenv("http_proxy"));
}
if (!curl_http_proxy) {
Reported by FlawFinder.
Line: 1025
Column: 35
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (!curl_http_proxy) {
if (http_auth.protocol && !strcmp(http_auth.protocol, "https")) {
var_override(&curl_http_proxy, getenv("HTTPS_PROXY"));
var_override(&curl_http_proxy, getenv("https_proxy"));
} else {
var_override(&curl_http_proxy, getenv("http_proxy"));
}
if (!curl_http_proxy) {
var_override(&curl_http_proxy, getenv("ALL_PROXY"));
Reported by FlawFinder.
archive-zip.c
60 issues
Line: 33
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
struct zip_local_header {
unsigned char magic[4];
unsigned char version[2];
unsigned char flags[2];
unsigned char compression_method[2];
unsigned char mtime[2];
unsigned char mdate[2];
Reported by FlawFinder.
Line: 34
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct zip_local_header {
unsigned char magic[4];
unsigned char version[2];
unsigned char flags[2];
unsigned char compression_method[2];
unsigned char mtime[2];
unsigned char mdate[2];
unsigned char crc32[4];
Reported by FlawFinder.
Line: 35
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct zip_local_header {
unsigned char magic[4];
unsigned char version[2];
unsigned char flags[2];
unsigned char compression_method[2];
unsigned char mtime[2];
unsigned char mdate[2];
unsigned char crc32[4];
unsigned char compressed_size[4];
Reported by FlawFinder.
Line: 36
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char magic[4];
unsigned char version[2];
unsigned char flags[2];
unsigned char compression_method[2];
unsigned char mtime[2];
unsigned char mdate[2];
unsigned char crc32[4];
unsigned char compressed_size[4];
unsigned char size[4];
Reported by FlawFinder.
Line: 37
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char version[2];
unsigned char flags[2];
unsigned char compression_method[2];
unsigned char mtime[2];
unsigned char mdate[2];
unsigned char crc32[4];
unsigned char compressed_size[4];
unsigned char size[4];
unsigned char filename_length[2];
Reported by FlawFinder.
Line: 38
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char flags[2];
unsigned char compression_method[2];
unsigned char mtime[2];
unsigned char mdate[2];
unsigned char crc32[4];
unsigned char compressed_size[4];
unsigned char size[4];
unsigned char filename_length[2];
unsigned char extra_length[2];
Reported by FlawFinder.
Line: 39
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char compression_method[2];
unsigned char mtime[2];
unsigned char mdate[2];
unsigned char crc32[4];
unsigned char compressed_size[4];
unsigned char size[4];
unsigned char filename_length[2];
unsigned char extra_length[2];
unsigned char _end[1];
Reported by FlawFinder.
Line: 40
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char mtime[2];
unsigned char mdate[2];
unsigned char crc32[4];
unsigned char compressed_size[4];
unsigned char size[4];
unsigned char filename_length[2];
unsigned char extra_length[2];
unsigned char _end[1];
};
Reported by FlawFinder.
Line: 41
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char mdate[2];
unsigned char crc32[4];
unsigned char compressed_size[4];
unsigned char size[4];
unsigned char filename_length[2];
unsigned char extra_length[2];
unsigned char _end[1];
};
Reported by FlawFinder.
Line: 42
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned char crc32[4];
unsigned char compressed_size[4];
unsigned char size[4];
unsigned char filename_length[2];
unsigned char extra_length[2];
unsigned char _end[1];
};
struct zip_data_desc {
Reported by FlawFinder.
apply.c
51 issues
Line: 375
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
n = patch->old_name;
quote_c_style(n, &sb, NULL, 0);
}
fprintf(output, fmt, sb.buf);
fputc('\n', output);
strbuf_release(&sb);
}
#define SLOP (16)
Reported by FlawFinder.
Line: 1076
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!ptr || ptr[1] != '.' || hexsz < ptr - line)
return 0;
len = ptr - line;
memcpy(patch->old_oid_prefix, line, len);
patch->old_oid_prefix[len] = 0;
line = ptr + 2;
ptr = strchr(line, ' ');
eol = strchrnul(line, '\n');
Reported by FlawFinder.
Line: 1089
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (hexsz < len)
return 0;
memcpy(patch->new_oid_prefix, line, len);
patch->new_oid_prefix[len] = 0;
if (*ptr == ' ')
return gitdiff_oldmode(state, ptr + 1, patch);
return 0;
}
Reported by FlawFinder.
Line: 2359
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* and copy it in, while fixing the line length */
l_len = preimage->line[ctx].len;
memcpy(new_buf, fixed, l_len);
new_buf += l_len;
fixed += l_len;
postimage->line[i].len = l_len;
ctx++;
}
Reported by FlawFinder.
Line: 2795
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Adjust the contents */
result = xmalloc(st_add3(st_sub(img->len, remove_count), insert_count, 1));
memcpy(result, img->buf, applied_at);
memcpy(result + applied_at, postimage->buf, postimage->len);
memcpy(result + applied_at + postimage->len,
img->buf + (applied_at + remove_count),
img->len - (applied_at + remove_count));
free(img->buf);
Reported by FlawFinder.
Line: 2796
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Adjust the contents */
result = xmalloc(st_add3(st_sub(img->len, remove_count), insert_count, 1));
memcpy(result, img->buf, applied_at);
memcpy(result + applied_at, postimage->buf, postimage->len);
memcpy(result + applied_at + postimage->len,
img->buf + (applied_at + remove_count),
img->len - (applied_at + remove_count));
free(img->buf);
img->buf = result;
Reported by FlawFinder.
Line: 2797
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
result = xmalloc(st_add3(st_sub(img->len, remove_count), insert_count, 1));
memcpy(result, img->buf, applied_at);
memcpy(result + applied_at, postimage->buf, postimage->len);
memcpy(result + applied_at + postimage->len,
img->buf + (applied_at + remove_count),
img->len - (applied_at + remove_count));
free(img->buf);
img->buf = result;
img->len += insert_count - remove_count;
Reported by FlawFinder.
Line: 2902
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
is_blank_context = 1;
/* fallthrough */
case '-':
memcpy(old, patch + 1, plen);
add_line_info(&preimage, old, plen,
(first == ' ' ? LINE_COMMON : 0));
old += plen;
if (first == '-')
break;
Reported by FlawFinder.
Line: 4300
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int namelen = strlen(path);
ce = make_empty_cache_entry(state->repo->index, namelen);
memcpy(ce->name, path, namelen);
ce->ce_mode = create_ce_mode(mode);
ce->ce_flags = create_ce_flags(0);
ce->ce_namelen = namelen;
if (state->ita_only) {
ce->ce_flags |= CE_INTENT_TO_ADD;
Reported by FlawFinder.
Line: 4365
Column: 7
CWE codes:
362
*/
return !!symlink(buf, path);
fd = open(path, O_CREAT | O_EXCL | O_WRONLY, (mode & 0100) ? 0777 : 0666);
if (fd < 0)
return 1;
if (convert_to_working_tree(state->repo->index, path, buf, size, &nbuf, NULL)) {
size = nbuf.len;
Reported by FlawFinder.
diff.c
48 issues
Line: 508
Column: 38
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (done_preparing)
return external_diff_cmd;
external_diff_cmd = xstrdup_or_null(getenv("GIT_EXTERNAL_DIFF"));
if (!external_diff_cmd)
external_diff_cmd = external_diff_cmd_cfg;
done_preparing = 1;
return external_diff_cmd;
}
Reported by FlawFinder.
Line: 3607
Column: 14
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (pe)
xdiff_set_find_func(&xecfg, pe->pattern, pe->cflags);
diffopts = getenv("GIT_DIFF_OPTS");
if (!diffopts)
;
else if (skip_prefix(diffopts, "--unified=", &v))
xecfg.ctxlen = strtoul(v, NULL, 10);
else if (skip_prefix(diffopts, "-u", &v))
Reported by FlawFinder.
Line: 527
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
const char *name;
char hex[GIT_MAX_HEXSZ + 1];
char mode[10];
/*
* If this diff_tempfile instance refers to a temporary file,
* this tempfile object is used to manage its lifetime.
Reported by FlawFinder.
Line: 528
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *name;
char hex[GIT_MAX_HEXSZ + 1];
char mode[10];
/*
* If this diff_tempfile instance refers to a temporary file,
* this tempfile object is used to manage its lifetime.
*/
Reported by FlawFinder.
Line: 795
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
o->emitted_symbols->alloc);
f = &o->emitted_symbols->buf[o->emitted_symbols->nr++];
memcpy(f, e, sizeof(struct emitted_diff_symbol));
f->line = e->line ? xmemdupz(e->line, e->len) : NULL;
}
struct moved_entry {
struct hashmap_entry ent;
Reported by FlawFinder.
Line: 1665
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *func = diff_get_color(ecbdata->color_diff, DIFF_FUNCINFO);
const char *reset = diff_get_color(ecbdata->color_diff, DIFF_RESET);
const char *reverse = ecbdata->color_diff ? GIT_COLOR_REVERSE : "";
static const char atat[2] = { '@', '@' };
const char *cp, *ep;
struct strbuf msgbuf = STRBUF_INIT;
int org_len = len;
int i = 1;
Reported by FlawFinder.
Line: 1876
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ALLOC_GROW(buffer->text.ptr, buffer->text.size + len, buffer->alloc);
line++;
len--;
memcpy(buffer->text.ptr + buffer->text.size, line, len);
buffer->text.size += len;
buffer->text.ptr[buffer->text.size] = '\0';
}
struct diff_words_style_elem {
Reported by FlawFinder.
Line: 2119
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* store one word */
ALLOC_GROW(out->ptr, out->size + j - i + 1, alloc);
memcpy(out->ptr + out->size, buffer->text.ptr + i, j - i);
out->ptr[out->size + j - i] = '\n';
out->size += j - i + 1;
i = j - 1;
}
Reported by FlawFinder.
Line: 2238
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
int i;
struct diff_options *o = xmalloc(sizeof(struct diff_options));
memcpy(o, orig_opts, sizeof(struct diff_options));
CALLOC_ARRAY(ecbdata->diff_words, 1);
ecbdata->diff_words->type = o->word_diff;
ecbdata->diff_words->opt = o;
Reported by FlawFinder.
Line: 3331
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
while (data_size) {
int len;
int bytes = (52 < data_size) ? 52 : data_size;
char line[71];
data_size -= bytes;
if (bytes <= 26)
line[0] = bytes + 'A' - 1;
else
line[0] = bytes - 26 + 'a' - 1;
Reported by FlawFinder.
sequencer.c
43 issues
Line: 3524
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
return status;
}
__attribute__((format (printf, 2, 3)))
static int safe_append(const char *filename, const char *fmt, ...)
{
va_list ap;
struct lock_file lock = LOCK_INIT;
int fd = hold_lock_file_for_update(&lock, filename,
Reported by FlawFinder.
Line: 3602
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
return ret;
}
__attribute__((format (printf, 3, 4)))
static const char *reflog_message(struct replay_opts *opts,
const char *sub_action, const char *fmt, ...)
{
va_list ap;
static struct strbuf buf = STRBUF_INIT;
Reported by FlawFinder.
Line: 403
Column: 14
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
static void print_advice(struct repository *r, int show_hint,
struct replay_opts *opts)
{
char *msg = getenv("GIT_CHERRY_PICK_HELP");
if (msg) {
fprintf(stderr, "%s\n", msg);
/*
* A conflict has occurred but the porcelain
Reported by FlawFinder.
Line: 1502
Column: 25
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
} else {
reset_ident_date();
}
committer = fmt_ident(getenv("GIT_COMMITTER_NAME"),
getenv("GIT_COMMITTER_EMAIL"),
WANT_COMMITTER_IDENT,
opts->ignore_date ? NULL : date.buf,
IDENT_STRICT);
strbuf_release(&date);
Reported by FlawFinder.
Line: 1503
Column: 11
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
reset_ident_date();
}
committer = fmt_ident(getenv("GIT_COMMITTER_NAME"),
getenv("GIT_COMMITTER_EMAIL"),
WANT_COMMITTER_IDENT,
opts->ignore_date ? NULL : date.buf,
IDENT_STRICT);
strbuf_release(&date);
} else {
Reported by FlawFinder.
Line: 1535
Column: 9
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
}
if (update_head_with_reflog(current_head, oid,
getenv("GIT_REFLOG_ACTION"), msg, &err)) {
res = error("%s", err.buf);
goto out;
}
run_commit_hook(0, r->index_file, "post-commit", NULL);
Reported by FlawFinder.
Line: 3608
Column: 24
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
{
va_list ap;
static struct strbuf buf = STRBUF_INIT;
char *reflog_action = getenv(GIT_REFLOG_ACTION);
va_start(ap, fmt);
strbuf_reset(&buf);
strbuf_addstr(&buf, reflog_action ? reflog_action : action_name(opts));
if (sub_action)
Reported by FlawFinder.
Line: 4277
Column: 31
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
/* Note that 0 for 3rd parameter of setenv means set only if not set */
setenv(GIT_REFLOG_ACTION, action_name(opts), 0);
prev_reflog_action = xstrdup(getenv(GIT_REFLOG_ACTION));
if (opts->allow_ff)
assert(!(opts->signoff || opts->no_commit ||
opts->record_origin || should_edit(opts) ||
opts->committer_date_is_author_date ||
opts->ignore_date));
Reported by FlawFinder.
Line: 1150
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const struct object_id *newoid)
{
struct child_process proc = CHILD_PROCESS_INIT;
const char *argv[3];
int code;
struct strbuf sb = STRBUF_INIT;
argv[0] = find_hook("post-rewrite");
if (!argv[0])
Reported by FlawFinder.
Line: 2591
Column: 7
CWE codes:
362
int fd;
ssize_t len;
fd = open(path, O_RDONLY);
if (fd < 0)
return error_errno(_("could not open '%s'"), path);
len = strbuf_read(sb, fd, 0);
close(fd);
if (len < 0)
Reported by FlawFinder.
compat/regex/regcomp.c
39 issues
Line: 2809
CWE codes:
908
size_t name_len;
{
int32_t hash = elem_hash ((const char *) name, name_len);
int32_t elem = hash % table_size;
if (symb_table[2 * elem] != 0)
{
int32_t second = hash % (table_size - 2) + 1;
do
Reported by Cppcheck.
Line: 2812
CWE codes:
908
int32_t elem = hash % table_size;
if (symb_table[2 * elem] != 0)
{
int32_t second = hash % (table_size - 2) + 1;
do
{
/* First compare the hashing value. */
if (symb_table[2 * elem] == hash
Reported by Cppcheck.
Line: 2850
CWE codes:
908
/*
if (MB_CUR_MAX == 1)
*/
if (nrules == 0)
return collseqmb[br_elem->opr.ch];
else
{
wint_t wc = __btowc (br_elem->opr.ch);
return __collseq_table_lookup (collseqwc, wc);
Reported by Cppcheck.
Line: 2851
CWE codes:
908
if (MB_CUR_MAX == 1)
*/
if (nrules == 0)
return collseqmb[br_elem->opr.ch];
else
{
wint_t wc = __btowc (br_elem->opr.ch);
return __collseq_table_lookup (collseqwc, wc);
}
Reported by Cppcheck.
Line: 2893
CWE codes:
908
{
/* No valid character. Match it as a single byte
character. */
return collseqmb[br_elem->opr.name[0]];
}
}
else if (sym_name_len == 1)
return collseqmb[br_elem->opr.name[0]];
}
Reported by Cppcheck.
Line: 2897
CWE codes:
908
}
}
else if (sym_name_len == 1)
return collseqmb[br_elem->opr.name[0]];
}
return UINT_MAX;
}
/* Local function for parse_bracket_exp used in _LIBC environment.
Reported by Cppcheck.
Line: 2923
CWE codes:
908
/* Equivalence Classes and Character Classes can't be a range
start/end. */
if (BE (start_elem->type == EQUIV_CLASS || start_elem->type == CHAR_CLASS
|| end_elem->type == EQUIV_CLASS || end_elem->type == CHAR_CLASS,
0))
return REG_ERANGE;
start_collseq = lookup_collation_sequence_value (start_elem);
Reported by Cppcheck.
Line: 2943
CWE codes:
908
if (nrules > 0 || dfa->mb_cur_max > 1)
{
/* Check the space of the arrays. */
if (BE (*range_alloc == mbcset->nranges, 0))
{
/* There is not enough space, need realloc. */
uint32_t *new_array_start;
uint32_t *new_array_end;
int new_nranges;
Reported by Cppcheck.
Line: 2977
CWE codes:
908
if (MB_CUR_MAX == 1)
*/
if (nrules == 0)
ch_collseq = collseqmb[ch];
else
ch_collseq = __collseq_table_lookup (collseqwc, __btowc (ch));
if (start_collseq <= ch_collseq && ch_collseq <= end_collseq)
bitset_set (sbcset, ch);
}
Reported by Cppcheck.
Line: 3001
CWE codes:
908
const unsigned char *name;
{
int32_t elem, idx;
size_t name_len = strlen ((const char *) name);
if (nrules != 0)
{
elem = seek_collating_symbol_entry (name, name_len);
if (symb_table[2 * elem] != 0)
{
Reported by Cppcheck.
git-compat-util.h
39 issues
Line: 468
Column: 67
CWE codes:
134
Suggestion:
Use a constant for the format specification
/* General helper functions */
void vreportf(const char *prefix, const char *err, va_list params);
NORETURN void usage(const char *err);
NORETURN void usagef(const char *err, ...) __attribute__((format (printf, 1, 2)));
NORETURN void die(const char *err, ...) __attribute__((format (printf, 1, 2)));
NORETURN void die_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
Reported by FlawFinder.
Line: 469
Column: 64
CWE codes:
134
Suggestion:
Use a constant for the format specification
void vreportf(const char *prefix, const char *err, va_list params);
NORETURN void usage(const char *err);
NORETURN void usagef(const char *err, ...) __attribute__((format (printf, 1, 2)));
NORETURN void die(const char *err, ...) __attribute__((format (printf, 1, 2)));
NORETURN void die_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
Reported by FlawFinder.
Line: 470
Column: 70
CWE codes:
134
Suggestion:
Use a constant for the format specification
NORETURN void usage(const char *err);
NORETURN void usagef(const char *err, ...) __attribute__((format (printf, 1, 2)));
NORETURN void die(const char *err, ...) __attribute__((format (printf, 1, 2)));
NORETURN void die_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
Reported by FlawFinder.
Line: 471
Column: 56
CWE codes:
134
Suggestion:
Use a constant for the format specification
NORETURN void usagef(const char *err, ...) __attribute__((format (printf, 1, 2)));
NORETURN void die(const char *err, ...) __attribute__((format (printf, 1, 2)));
NORETURN void die_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
#ifndef NO_OPENSSL
Reported by FlawFinder.
Line: 472
Column: 62
CWE codes:
134
Suggestion:
Use a constant for the format specification
NORETURN void die(const char *err, ...) __attribute__((format (printf, 1, 2)));
NORETURN void die_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
#ifndef NO_OPENSSL
#ifdef APPLE_COMMON_CRYPTO
Reported by FlawFinder.
Line: 473
Column: 59
CWE codes:
134
Suggestion:
Use a constant for the format specification
NORETURN void die_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
#ifndef NO_OPENSSL
#ifdef APPLE_COMMON_CRYPTO
#include "compat/apple-common-crypto.h"
Reported by FlawFinder.
Line: 474
Column: 65
CWE codes:
134
Suggestion:
Use a constant for the format specification
int error(const char *err, ...) __attribute__((format (printf, 1, 2)));
int error_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
void warning_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
#ifndef NO_OPENSSL
#ifdef APPLE_COMMON_CRYPTO
#include "compat/apple-common-crypto.h"
#else
Reported by FlawFinder.
Line: 787
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
#endif
#ifdef SNPRINTF_RETURNS_BOGUS
#ifdef snprintf
#undef snprintf
#endif
#define snprintf git_snprintf
int git_snprintf(char *str, size_t maxsize,
const char *format, ...);
Reported by FlawFinder.
Line: 788
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
#ifdef SNPRINTF_RETURNS_BOGUS
#ifdef snprintf
#undef snprintf
#endif
#define snprintf git_snprintf
int git_snprintf(char *str, size_t maxsize,
const char *format, ...);
#ifdef vsnprintf
Reported by FlawFinder.
Line: 790
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
#ifdef snprintf
#undef snprintf
#endif
#define snprintf git_snprintf
int git_snprintf(char *str, size_t maxsize,
const char *format, ...);
#ifdef vsnprintf
#undef vsnprintf
#endif
Reported by FlawFinder.
builtin/fast-import.c
37 issues
Line: 407
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
static int zombie;
char message[2 * PATH_MAX];
vsnprintf(message, sizeof(message), err, params);
fputs("fatal: ", stderr);
fputs(message, stderr);
fputc('\n', stderr);
if (!zombie) {
Reported by FlawFinder.
Line: 1019
CWE codes:
476
crc32_begin(pack_file);
if (delta) {
off_t ofs = e->idx.offset - last->offset;
unsigned pos = sizeof(hdr) - 1;
delta_count_by_type[type]++;
e->depth = last->depth + 1;
Reported by Cppcheck.
Line: 1023
CWE codes:
476
unsigned pos = sizeof(hdr) - 1;
delta_count_by_type[type]++;
e->depth = last->depth + 1;
hdrlen = encode_in_pack_object_header(hdr, sizeof(hdr),
OBJ_OFS_DELTA, deltalen);
hashwrite(pack_file, hdr, hdrlen);
pack_size += hdrlen;
Reported by Cppcheck.
Line: 2095
Column: 7
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
uintmax_t num_notes = 0;
struct object_id oid;
/* hex oid + '/' between each pair of hex digits + NUL */
char realpath[GIT_MAX_HEXSZ + ((GIT_MAX_HEXSZ / 2) - 1) + 1];
const unsigned hexsz = the_hash_algo->hexsz;
if (!root->tree)
load_tree(root);
t = root->tree;
Reported by FlawFinder.
Line: 2137
Column: 48
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
num_notes++;
continue;
}
construct_path_with_fanout(hex_oid, fanout, realpath);
if (!strcmp(fullpath, realpath)) {
/* Note entry is in correct location */
num_notes++;
continue;
}
Reported by FlawFinder.
Line: 2138
Column: 26
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
continue;
}
construct_path_with_fanout(hex_oid, fanout, realpath);
if (!strcmp(fullpath, realpath)) {
/* Note entry is in correct location */
num_notes++;
continue;
}
Reported by FlawFinder.
Line: 2147
Column: 32
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
/* Rename fullpath to realpath */
if (!tree_content_remove(orig_root, fullpath, &leaf, 0))
die("Failed to remove path %s", fullpath);
tree_content_set(orig_root, realpath,
&leaf.versions[1].oid,
leaf.versions[1].mode,
leaf.tree);
} else if (S_ISDIR(e->versions[1].mode)) {
/* This is a subdir that may contain note entries */
Reported by FlawFinder.
Line: 90
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct atom_str {
struct atom_str *next_atom;
unsigned short str_len;
char str_dat[FLEX_ARRAY]; /* more */
};
struct tree_content;
struct tree_entry {
struct tree_content *tree;
Reported by FlawFinder.
Line: 314
Column: 14
CWE codes:
362
static void write_crash_report(const char *err)
{
char *loc = git_pathdup("fast_import_crash_%"PRIuMAX, (uintmax_t) getpid());
FILE *rpt = fopen(loc, "w");
struct branch *b;
unsigned long lu;
struct recent_command *rc;
if (!rpt) {
Reported by FlawFinder.
Line: 405
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static NORETURN void die_nicely(const char *err, va_list params)
{
static int zombie;
char message[2 * PATH_MAX];
vsnprintf(message, sizeof(message), err, params);
fputs("fatal: ", stderr);
fputs(message, stderr);
fputc('\n', stderr);
Reported by FlawFinder.