The following issues were found
builtin/receive-pack.c
24 issues
Line: 434
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
char msg[4096];
sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
if (sz > (sizeof(msg) - 1))
sz = sizeof(msg) - 1;
msg[sz++] = '\n';
if (use_sideband)
Reported by FlawFinder.
Line: 445
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
xwrite(2, msg, sz);
}
__attribute__((format (printf, 1, 2)))
static void rp_warning(const char *err, ...)
{
va_list params;
va_start(params, err);
report_message("warning: ", err, params);
Reported by FlawFinder.
Line: 454
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_end(params);
}
__attribute__((format (printf, 1, 2)))
static void rp_error(const char *err, ...)
{
va_list params;
va_start(params, err);
report_message("error: ", err, params);
Reported by FlawFinder.
Line: 352
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int index;
struct object_id old_oid;
struct object_id new_oid;
char ref_name[FLEX_ARRAY]; /* more */
};
static void proc_receive_ref_append(const char *prefix)
{
struct proc_receive_ref *ref_pattern;
Reported by FlawFinder.
Line: 431
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void report_message(const char *prefix, const char *err, va_list params)
{
int sz;
char msg[4096];
sz = xsnprintf(msg, sizeof(msg), "%s", prefix);
sz += vsnprintf(msg + sz, sizeof(msg) - sz, err, params);
if (sz > (sizeof(msg) - 1))
sz = sizeof(msg) - 1;
Reported by FlawFinder.
Line: 465
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int copy_to_sideband(int in, int out, void *arg)
{
char data[128];
int keepalive_active = 0;
if (keepalive_in_sec <= 0)
use_keepalive = KEEPALIVE_NEVER;
if (use_keepalive == KEEPALIVE_ALWAYS)
Reported by FlawFinder.
Line: 530
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *key_in, size_t key_len,
const char *text, size_t text_len)
{
unsigned char key[GIT_MAX_BLKSZ];
unsigned char k_ipad[GIT_MAX_BLKSZ];
unsigned char k_opad[GIT_MAX_BLKSZ];
int i;
git_hash_ctx ctx;
Reported by FlawFinder.
Line: 531
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *text, size_t text_len)
{
unsigned char key[GIT_MAX_BLKSZ];
unsigned char k_ipad[GIT_MAX_BLKSZ];
unsigned char k_opad[GIT_MAX_BLKSZ];
int i;
git_hash_ctx ctx;
/* RFC 2104 2. (1) */
Reported by FlawFinder.
Line: 532
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
unsigned char key[GIT_MAX_BLKSZ];
unsigned char k_ipad[GIT_MAX_BLKSZ];
unsigned char k_opad[GIT_MAX_BLKSZ];
int i;
git_hash_ctx ctx;
/* RFC 2104 2. (1) */
memset(key, '\0', GIT_MAX_BLKSZ);
Reported by FlawFinder.
Line: 543
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
the_hash_algo->update_fn(&ctx, key_in, key_len);
the_hash_algo->final_fn(key, &ctx);
} else {
memcpy(key, key_in, key_len);
}
/* RFC 2104 2. (2) & (5) */
for (i = 0; i < sizeof(key); i++) {
k_ipad[i] = key[i] ^ 0x36;
Reported by FlawFinder.
strbuf.c
24 issues
Line: 574
Column: 9
CWE codes:
362
20
Suggestion:
Reconsider approach
ssize_t len;
strbuf_grow(sb, hint);
len = readlink(path, sb->buf, hint);
if (len < 0) {
if (errno != ERANGE)
break;
} else if (len < hint) {
strbuf_setlen(sb, len);
Reported by FlawFinder.
Line: 263
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
if (pos > sb->len)
die("`pos' is too far after the end of the buffer");
va_copy(cp, ap);
len = vsnprintf(sb->buf + sb->len, 0, fmt, cp);
va_end(cp);
if (len < 0)
BUG("your vsnprintf is broken (returned %d)", len);
if (!len)
return; /* nothing to do */
Reported by FlawFinder.
Line: 275
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
memmove(sb->buf + pos + len, sb->buf + pos, sb->len - pos);
/* vsnprintf() will append a NUL, overwriting one of our characters */
save = sb->buf[pos + len];
len2 = vsnprintf(sb->buf + pos, len + 1, fmt, ap);
sb->buf[pos + len] = save;
if (len2 != len)
BUG("your vsnprintf is broken (returns inconsistent lengths)");
strbuf_setlen(sb, sb->len + len);
}
Reported by FlawFinder.
Line: 396
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
if (!strbuf_avail(sb))
strbuf_grow(sb, 64);
va_copy(cp, ap);
len = vsnprintf(sb->buf + sb->len, sb->alloc - sb->len, fmt, cp);
va_end(cp);
if (len < 0)
BUG("your vsnprintf is broken (returned %d)", len);
if (len > strbuf_avail(sb)) {
strbuf_grow(sb, len);
Reported by FlawFinder.
Line: 402
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
BUG("your vsnprintf is broken (returned %d)", len);
if (len > strbuf_avail(sb)) {
strbuf_grow(sb, len);
len = vsnprintf(sb->buf + sb->len, sb->alloc - sb->len, fmt, ap);
if (len > strbuf_avail(sb))
BUG("your vsnprintf is broken (insatiable)");
}
strbuf_setlen(sb, sb->len + len);
}
Reported by FlawFinder.
Line: 935
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
int ret;
va_list ap;
va_start(ap, fmt);
ret = vprintf(fmt, ap);
va_end(ap);
if (ret < 0 || putchar('\n') == EOF)
return -1;
return ret + 1;
}
Reported by FlawFinder.
Line: 947
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
int ret;
va_list ap;
va_start(ap, fmt);
ret = vfprintf(fp, fmt, ap);
va_end(ap);
if (ret < 0 || putc('\n', fp) == EOF)
return -1;
return ret + 1;
}
Reported by FlawFinder.
Line: 902
Column: 15
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
struct stat cwd_stat, pwd_stat;
size_t orig_len = sb->len;
char *cwd = xgetcwd();
char *pwd = getenv("PWD");
if (pwd && strcmp(pwd, cwd) &&
!stat(cwd, &cwd_stat) &&
(cwd_stat.st_dev || cwd_stat.st_ino) &&
!stat(pwd, &pwd_stat) &&
pwd_stat.st_dev == cwd_stat.st_dev &&
Reported by FlawFinder.
Line: 51
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* buf is non NULL and ->buf is NUL terminated even for a freshly
* initialized strbuf.
*/
char strbuf_slopbuf[1];
void strbuf_init(struct strbuf *sb, size_t hint)
{
struct strbuf blank = STRBUF_INIT;
memcpy(sb, &blank, sizeof(*sb));
Reported by FlawFinder.
Line: 56
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void strbuf_init(struct strbuf *sb, size_t hint)
{
struct strbuf blank = STRBUF_INIT;
memcpy(sb, &blank, sizeof(*sb));
if (hint)
strbuf_grow(sb, hint);
}
void strbuf_release(struct strbuf *sb)
Reported by FlawFinder.
grep.c
23 issues
Line: 1619
CWE codes:
562
}
memset(&xecfg, 0, sizeof(xecfg));
opt->priv = &xecfg;
try_lookahead = should_lookahead(opt);
if (fill_textconv_grep(opt->repo, textconv, gs) < 0)
return 0;
Reported by Cppcheck.
Line: 309
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static NORETURN void compile_regexp_failed(const struct grep_pat *p,
const char *error)
{
char where[1024];
if (p->no)
xsnprintf(where, sizeof(where), "In '%s' at %d, ", p->origin, p->no);
else if (p->origin)
xsnprintf(where, sizeof(where), "%s, ", p->origin);
Reported by FlawFinder.
Line: 514
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
err = regcomp(&p->regexp, sb.buf, regflags);
strbuf_release(&sb);
if (err) {
char errbuf[1024];
regerror(err, &p->regexp, errbuf, sizeof(errbuf));
compile_regexp_failed(p, errbuf);
}
}
#endif /* !USE_LIBPCRE2 */
Reported by FlawFinder.
Line: 592
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
regflags |= REG_EXTENDED;
err = regcomp(&p->regexp, p->pattern, regflags);
if (err) {
char errbuf[1024];
regerror(err, &p->regexp, errbuf, 1024);
compile_regexp_failed(p, errbuf);
}
}
Reported by FlawFinder.
Line: 1200
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
output_sep(opt, sign);
}
if (opt->linenum) {
char buf[32];
xsnprintf(buf, sizeof(buf), "%d", lno);
output_color(opt, buf, strlen(buf), opt->colors[GREP_COLOR_LINENO]);
output_sep(opt, sign);
}
/*
Reported by FlawFinder.
Line: 1211
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* being called with a context line.
*/
if (opt->columnnum && cno) {
char buf[32];
xsnprintf(buf, sizeof(buf), "%"PRIuMAX, (uintmax_t)cno);
output_color(opt, buf, strlen(buf), opt->colors[GREP_COLOR_COLUMNNO]);
output_sep(opt, sign);
}
}
Reported by FlawFinder.
Line: 1324
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
if (xecfg) {
char buf[1];
return xecfg->find_func(bol, eol - bol, buf, 1,
xecfg->find_func_priv) >= 0;
}
if (bol == eol)
Reported by FlawFinder.
Line: 1768
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* make it another option? For now suppress them.
*/
if (opt->count && count) {
char buf[32];
if (opt->pathname) {
output_color(opt, gs->name, strlen(gs->name),
opt->colors[GREP_COLOR_FILENAME]);
output_sep(opt, ':');
}
Reported by FlawFinder.
Line: 1918
Column: 6
CWE codes:
362
if (!S_ISREG(st.st_mode))
return -1;
size = xsize_t(st.st_size);
i = open(filename, O_RDONLY);
if (i < 0)
goto err_ret;
data = xmallocz(size);
if (st.st_size != read_in_full(i, data, size)) {
error_errno(_("'%s': short read"), filename);
Reported by FlawFinder.
Line: 148
Column: 45
CWE codes:
126
opt->repo = repo;
opt->prefix = prefix;
opt->prefix_length = (prefix && *prefix) ? strlen(prefix) : 0;
opt->pattern_tail = &opt->pattern_list;
opt->header_tail = &opt->header_list;
}
static void grep_set_pattern_type_option(enum grep_pattern_type pattern_type, struct grep_opt *opt)
Reported by FlawFinder.
merge-recursive.c
23 issues
Line: 3263
CWE codes:
908
} else {
BUG("Impossible dir_rename_original_type/clean combination");
}
dir_rename_warning(msg, is_add, clean, opt, ren);
return clean;
}
/* Per entry merge function */
Reported by Cppcheck.
Line: 165
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
}
}
__attribute__((format (printf, 2, 3)))
static int err(struct merge_options *opt, const char *err, ...)
{
va_list params;
if (opt->buffer_output < 2)
Reported by FlawFinder.
Line: 320
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
opt->verbosity >= 5;
}
__attribute__((format (printf, 3, 4)))
static void output(struct merge_options *opt, int v, const char *fmt, ...)
{
va_list ap;
if (!show(opt, v))
Reported by FlawFinder.
Line: 3873
Column: 20
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
opt->renormalize = 0;
merge_recursive_config(opt);
merge_verbosity = getenv("GIT_MERGE_VERBOSITY");
if (merge_verbosity)
opt->verbosity = strtol(merge_verbosity, NULL, 10);
if (opt->verbosity >= 5)
opt->buffer_output = 0;
}
Reported by FlawFinder.
Line: 44
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct path_hashmap_entry {
struct hashmap_entry e;
char path[FLEX_ARRAY];
};
static int path_hashmap_cmp(const void *cmp_data,
const struct hashmap_entry *eptr,
const struct hashmap_entry *entry_or_key,
Reported by FlawFinder.
Line: 975
Column: 9
CWE codes:
362
int fd;
int mode = (contents->mode & 0100 ? 0777 : 0666);
fd = open(path, O_WRONLY | O_TRUNC | O_CREAT, mode);
if (fd < 0) {
ret = err(opt, _("failed to open '%s': %s"),
path, strerror(errno));
goto free_buf;
}
Reported by FlawFinder.
Line: 1103
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct commit *commit;
int contains_another;
char merged_revision[GIT_MAX_HEXSZ + 2];
const char *rev_args[] = { "rev-list", "--merges", "--ancestry-path",
"--all", merged_revision, NULL };
struct rev_info revs;
struct setup_revision_opt rev_opts;
Reported by FlawFinder.
Line: 545
Column: 15
CWE codes:
126
static int string_list_df_name_compare(const char *one, const char *two)
{
int onelen = strlen(one);
int twolen = strlen(two);
/*
* Here we only care that entries for D/F conflicts are
* adjacent, in particular with the file of the D/F conflict
* appearing before files below the corresponding directory.
Reported by FlawFinder.
Line: 546
Column: 15
CWE codes:
126
static int string_list_df_name_compare(const char *one, const char *two)
{
int onelen = strlen(one);
int twolen = strlen(two);
/*
* Here we only care that entries for D/F conflicts are
* adjacent, in particular with the file of the D/F conflict
* appearing before files below the corresponding directory.
* The order of the rest of the list is irrelevant for us.
Reported by FlawFinder.
Line: 610
Column: 13
CWE codes:
126
string_list_clear(&opt->priv->df_conflict_file_set, 1);
for (i = 0; i < df_sorted_entries.nr; i++) {
const char *path = df_sorted_entries.items[i].string;
int len = strlen(path);
struct stage_data *e = df_sorted_entries.items[i].util;
/*
* Check if last_file & path correspond to a D/F conflict;
* i.e. whether path is last_file+'/'+<something>.
Reported by FlawFinder.
dir.c
23 issues
Line: 1071
Column: 8
CWE codes:
362
if (flags & PATTERN_NOFOLLOW)
fd = open_nofollow(fname, O_RDONLY);
else
fd = open(fname, O_RDONLY);
if (fd < 0 || fstat(fd, &st) < 0) {
if (fd < 0)
warn_on_fopen_errors(fname);
else
Reported by FlawFinder.
Line: 3147
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
strbuf_release(&dir->basebuf);
memcpy(dir, &new, sizeof(*dir));
}
struct ondisk_untracked_cache {
struct stat_data info_exclude_stat;
struct stat_data excludes_file_stat;
Reported by FlawFinder.
Line: 3186
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct stat_data stat_data;
struct strbuf *out = &wd->out;
unsigned char intbuf[16];
unsigned int intlen, value;
int i = wd->index++;
/*
* untracked_nr should be reset whenever valid is clear, but
Reported by FlawFinder.
Line: 3237
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct ondisk_untracked_cache *ouc;
struct write_data wd;
unsigned char varbuf[16];
int varint_len;
const unsigned hashsz = the_hash_algo->rawsz;
CALLOC_ARRAY(ouc, 1);
stat_data_to_disk(&ouc->info_exclude_stat, &untracked->ss_info_exclude.stat);
Reported by FlawFinder.
Line: 3322
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
static void stat_data_from_disk(struct stat_data *to, const unsigned char *data)
{
memcpy(to, data, sizeof(*to));
to->sd_ctime.sec = ntohl(to->sd_ctime.sec);
to->sd_ctime.nsec = ntohl(to->sd_ctime.nsec);
to->sd_mtime.sec = ntohl(to->sd_mtime.sec);
to->sd_mtime.nsec = ntohl(to->sd_mtime.nsec);
to->sd_dev = ntohl(to->sd_dev);
Reported by FlawFinder.
Line: 3364
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -1;
*untracked_ = untracked = xmalloc(st_add3(sizeof(*untracked), eos - data, 1));
memcpy(untracked, &ud, sizeof(ud));
memcpy(untracked->name, data, eos - data + 1);
data = eos + 1;
for (i = 0; i < untracked->untracked_nr; i++) {
eos = memchr(data, '\0', end - data);
Reported by FlawFinder.
Line: 3365
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
*untracked_ = untracked = xmalloc(st_add3(sizeof(*untracked), eos - data, 1));
memcpy(untracked, &ud, sizeof(ud));
memcpy(untracked->name, data, eos - data + 1);
data = eos + 1;
for (i = 0; i < untracked->untracked_nr; i++) {
eos = memchr(data, '\0', end - data);
if (!eos || eos == end)
Reported by FlawFinder.
Line: 107
Column: 21
CWE codes:
126
string += prefix;
}
if (item->flags & PATHSPEC_ONESTAR) {
int pattern_len = strlen(++pattern);
int string_len = strlen(string);
return string_len < pattern_len ||
ps_strcmp(item, pattern,
string + string_len - pattern_len);
}
Reported by FlawFinder.
Line: 108
Column: 20
CWE codes:
126
}
if (item->flags & PATHSPEC_ONESTAR) {
int pattern_len = strlen(++pattern);
int string_len = strlen(string);
return string_len < pattern_len ||
ps_strcmp(item, pattern,
string + string_len - pattern_len);
}
if (item->magic & PATHSPEC_GLOB)
Reported by FlawFinder.
Line: 553
Column: 7
CWE codes:
126
char *seen)
{
int matched = match_pathspec_with_flags(istate, ps, submodule_name,
strlen(submodule_name),
0, seen,
DO_MATCH_DIRECTORY |
DO_MATCH_LEADING_PATHSPEC);
return matched;
}
Reported by FlawFinder.
builtin/index-pack.c
23 issues
Line: 776
CWE codes:
476
enum object_type type;
unsigned long size;
if (entry->size <= big_file_threshold || entry->type != OBJ_BLOB)
return -1;
memset(&data, 0, sizeof(data));
data.entry = entry;
data.st = open_istream(the_repository, &entry->idx.oid, &type, &size,
Reported by Cppcheck.
Line: 1518
Column: 3
CWE codes:
362
Suggestion:
Use fchmod( ) instead
if (finalize_object_file(curr_pack_name, final_pack_name))
die(_("cannot store pack file"));
} else if (from_stdin)
chmod(final_pack_name, 0444);
if (final_index_name != curr_index_name) {
if (!final_index_name)
final_index_name = odb_pack_name(&index_name, hash, "idx");
if (finalize_object_file(curr_index_name, final_index_name))
Reported by FlawFinder.
Line: 1526
Column: 3
CWE codes:
362
Suggestion:
Use fchmod( ) instead
if (finalize_object_file(curr_index_name, final_index_name))
die(_("cannot store index file"));
} else
chmod(final_index_name, 0444);
if (curr_rev_index_name) {
if (final_rev_index_name != curr_rev_index_name) {
if (!final_rev_index_name)
final_rev_index_name = odb_pack_name(&rev_index_name, hash, "rev");
Reported by FlawFinder.
Line: 1535
Column: 4
CWE codes:
362
Suggestion:
Use fchmod( ) instead
if (finalize_object_file(curr_rev_index_name, final_rev_index_name))
die(_("cannot store reverse index file"));
} else
chmod(final_rev_index_name, 0444);
}
if (do_fsck_object) {
struct packed_git *p;
p = add_packed_git(final_index_name, strlen(final_index_name), 0);
Reported by FlawFinder.
Line: 372
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
use(sizeof(struct pack_header));
}
__attribute__((format (printf, 2, 3)))
static NORETURN void bad_object(off_t offset, const char *format, ...)
{
va_list params;
char buf[1024];
Reported by FlawFinder.
Line: 379
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
char buf[1024];
va_start(params, format);
vsnprintf(buf, sizeof(buf), format, params);
va_end(params);
die(_("pack has bad object at offset %"PRIuMAX": %s"),
(uintmax_t)offset, buf);
}
Reported by FlawFinder.
Line: 1685
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
chain_histogram[obj_stat[i].delta_depth - 1]++;
if (stat_only)
continue;
printf("%s %-6s %"PRIuMAX" %"PRIuMAX" %"PRIuMAX,
oid_to_hex(&obj->idx.oid),
type_name(obj->real_type), (uintmax_t)obj->size,
(uintmax_t)(obj[1].idx.offset - obj->idx.offset),
(uintmax_t)obj->idx.offset);
if (is_delta_type(obj->type)) {
Reported by FlawFinder.
Line: 776
CWE codes:
476
enum object_type type;
unsigned long size;
if (entry->size <= big_file_threshold || entry->type != OBJ_BLOB)
return -1;
memset(&data, 0, sizeof(data));
data.entry = entry;
data.st = open_istream(the_repository, &entry->idx.oid, &type, &size,
Reported by Cppcheck.
Line: 1242
Column: 24
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
nr_dispatched = 0;
base_cache_limit = delta_base_cache_limit * nr_threads;
if (nr_threads > 1 || getenv("GIT_FORCE_THREADS")) {
init_thread();
for (i = 0; i < nr_threads; i++) {
int ret = pthread_create(&thread_data[i].thread, NULL,
threaded_second_pass, thread_data + i);
if (ret)
Reported by FlawFinder.
Line: 132
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static struct progress *progress;
/* We always read in 4kB chunks. */
static unsigned char input_buffer[4096];
static unsigned int input_offset, input_len;
static off_t consumed_bytes;
static off_t max_input_size;
static unsigned deepest_delta;
static git_hash_ctx input_ctx;
Reported by FlawFinder.
config.c
22 issues
Line: 3064
Column: 7
CWE codes:
362
Suggestion:
Use fchmod( ) instead
close(in_fd);
in_fd = -1;
if (chmod(get_lock_file_path(&lock), st.st_mode & 07777) < 0) {
error_errno(_("chmod on %s failed"), get_lock_file_path(&lock));
ret = CONFIG_NO_WRITE;
goto out_free;
}
Reported by FlawFinder.
Line: 3302
Column: 6
CWE codes:
362
Suggestion:
Use fchmod( ) instead
goto out;
}
if (chmod(get_lock_file_path(&lock), st.st_mode & 07777) < 0) {
ret = error_errno(_("chmod on %s failed"),
get_lock_file_path(&lock));
goto out;
}
Reported by FlawFinder.
Line: 3492
CWE codes:
908
else
BUG("current_config_origin_type called outside config callback");
switch (type) {
case CONFIG_ORIGIN_BLOB:
return "blob";
case CONFIG_ORIGIN_FILE:
return "file";
case CONFIG_ORIGIN_STDIN:
Reported by Cppcheck.
Line: 3537
CWE codes:
908
name = cf->name;
else
BUG("current_config_name called outside config callback");
return name ? name : "";
}
enum config_scope current_config_scope(void)
{
if (current_config_kvi)
Reported by Cppcheck.
Line: 2565
Column: 32
CWE codes:
134
Suggestion:
Use a constant for the format specification
key, filename, linenr);
}
NORETURN __attribute__((format(printf, 2, 3)))
void git_die_config(const char *key, const char *err, ...)
{
const struct string_list *values;
struct key_value_info *kv_info;
Reported by FlawFinder.
Line: 339
Column: 20
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
static void git_config_push_split_parameter(const char *key, const char *value)
{
struct strbuf env = STRBUF_INIT;
const char *old = getenv(CONFIG_DATA_ENVIRONMENT);
if (old && *old) {
strbuf_addstr(&env, old);
strbuf_addch(&env, ' ');
}
sq_quote_buf(&env, key);
Reported by FlawFinder.
Line: 403
Column: 14
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
die(_("missing environment variable name for configuration '%.*s'"),
(int)(env_name - spec - 1), spec);
env_value = getenv(env_name);
if (!env_value)
die(_("missing environment variable '%s' for configuration '%.*s'"),
env_name, (int)(env_name - spec - 1), spec);
git_config_push_split_parameter(key, env_value);
Reported by FlawFinder.
Line: 614
Column: 8
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
source.origin_type = CONFIG_ORIGIN_CMDLINE;
cf = &source;
env = getenv(CONFIG_COUNT_ENVIRONMENT);
if (env) {
unsigned long count;
char *endp;
int i;
Reported by FlawFinder.
Line: 656
Column: 8
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
}
}
env = getenv(CONFIG_DATA_ENVIRONMENT);
if (env) {
/* sq_dequote will write over it */
envw = xstrdup(env);
if (parse_config_env_list(envw, fn, data) < 0) {
ret = -1;
Reported by FlawFinder.
Line: 1835
Column: 40
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
char *git_system_config(void)
{
char *system_config = xstrdup_or_null(getenv("GIT_CONFIG_SYSTEM"));
if (!system_config)
system_config = system_path(ETC_GITCONFIG);
normalize_path_copy(system_config, system_config);
return system_config;
}
Reported by FlawFinder.
banned.h
22 issues
Line: 13
Column: 8
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
#define BANNED(func) sorry_##func##_is_a_banned_function
#undef strcpy
#define strcpy(x,y) BANNED(strcpy)
#undef strcat
#define strcat(x,y) BANNED(strcat)
#undef strncpy
#define strncpy(x,y,n) BANNED(strncpy)
Reported by FlawFinder.
Line: 14
Column: 9
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
#define BANNED(func) sorry_##func##_is_a_banned_function
#undef strcpy
#define strcpy(x,y) BANNED(strcpy)
#undef strcat
#define strcat(x,y) BANNED(strcat)
#undef strncpy
#define strncpy(x,y,n) BANNED(strncpy)
#undef strncat
Reported by FlawFinder.
Line: 14
Column: 28
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
#define BANNED(func) sorry_##func##_is_a_banned_function
#undef strcpy
#define strcpy(x,y) BANNED(strcpy)
#undef strcat
#define strcat(x,y) BANNED(strcat)
#undef strncpy
#define strncpy(x,y,n) BANNED(strncpy)
#undef strncat
Reported by FlawFinder.
Line: 15
Column: 8
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
#undef strcpy
#define strcpy(x,y) BANNED(strcpy)
#undef strcat
#define strcat(x,y) BANNED(strcat)
#undef strncpy
#define strncpy(x,y,n) BANNED(strncpy)
#undef strncat
#define strncat(x,y,n) BANNED(strncat)
Reported by FlawFinder.
Line: 16
Column: 9
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
#undef strcpy
#define strcpy(x,y) BANNED(strcpy)
#undef strcat
#define strcat(x,y) BANNED(strcat)
#undef strncpy
#define strncpy(x,y,n) BANNED(strncpy)
#undef strncat
#define strncat(x,y,n) BANNED(strncat)
Reported by FlawFinder.
Line: 16
Column: 28
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
#undef strcpy
#define strcpy(x,y) BANNED(strcpy)
#undef strcat
#define strcat(x,y) BANNED(strcat)
#undef strncpy
#define strncpy(x,y,n) BANNED(strncpy)
#undef strncat
#define strncat(x,y,n) BANNED(strncat)
Reported by FlawFinder.
Line: 22
Column: 8
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
#undef strncat
#define strncat(x,y,n) BANNED(strncat)
#undef sprintf
#undef vsprintf
#ifdef HAVE_VARIADIC_MACROS
#define sprintf(...) BANNED(sprintf)
#define vsprintf(...) BANNED(vsprintf)
#else
Reported by FlawFinder.
Line: 23
Column: 8
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
#define strncat(x,y,n) BANNED(strncat)
#undef sprintf
#undef vsprintf
#ifdef HAVE_VARIADIC_MACROS
#define sprintf(...) BANNED(sprintf)
#define vsprintf(...) BANNED(vsprintf)
#else
#define sprintf(buf,fmt,arg) BANNED(sprintf)
Reported by FlawFinder.
Line: 25
Column: 29
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
#undef sprintf
#undef vsprintf
#ifdef HAVE_VARIADIC_MACROS
#define sprintf(...) BANNED(sprintf)
#define vsprintf(...) BANNED(vsprintf)
#else
#define sprintf(buf,fmt,arg) BANNED(sprintf)
#define vsprintf(buf,fmt,arg) BANNED(vsprintf)
#endif
Reported by FlawFinder.
Line: 25
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
#undef sprintf
#undef vsprintf
#ifdef HAVE_VARIADIC_MACROS
#define sprintf(...) BANNED(sprintf)
#define vsprintf(...) BANNED(vsprintf)
#else
#define sprintf(buf,fmt,arg) BANNED(sprintf)
#define vsprintf(buf,fmt,arg) BANNED(vsprintf)
#endif
Reported by FlawFinder.
builtin/remote.c
20 issues
Line: 1735
CWE codes:
908
usage_with_options(builtin_remote_usage, options);
}
return result ? 1 : 0;
}
Reported by Cppcheck.
Line: 1008
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
else
arg = _(" ???");
printf(" %-*s", info->width, name);
printf(fmt, arg);
printf("\n");
} else
printf(" %s\n", name);
return 0;
Reported by FlawFinder.
Line: 278
Column: 9
CWE codes:
126
if (!starts_with(key, "branch."))
return 0;
key += strlen("branch.");
if (strip_suffix(key, ".remote", &key_len))
type = REMOTE;
else if (strip_suffix(key, ".merge", &key_len))
type = MERGE;
else if (strip_suffix(key, ".rebase", &key_len))
Reported by FlawFinder.
Line: 463
Column: 12
CWE codes:
126
const struct refspec_item *spec = &remote->push.items[i];
if (spec->matching)
item = string_list_append(&states->push, _("(matching)"));
else if (strlen(spec->src))
item = string_list_append(&states->push, spec->src);
else
item = string_list_append(&states->push, _("(delete)"));
info = item->util = xcalloc(1, sizeof(struct push_info));
Reported by FlawFinder.
Line: 726
Column: 26
CWE codes:
126
if (ptr) {
refspec_updated = 1;
strbuf_splice(&buf2,
ptr-buf2.buf + strlen(":refs/remotes/"),
strlen(rename.old_name), rename.new_name,
strlen(rename.new_name));
} else
warning(_("Not updating non-default fetch refspec\n"
"\t%s\n"
Reported by FlawFinder.
Line: 727
Column: 11
CWE codes:
126
refspec_updated = 1;
strbuf_splice(&buf2,
ptr-buf2.buf + strlen(":refs/remotes/"),
strlen(rename.old_name), rename.new_name,
strlen(rename.new_name));
} else
warning(_("Not updating non-default fetch refspec\n"
"\t%s\n"
"\tPlease update the configuration manually if necessary."),
Reported by FlawFinder.
Line: 728
Column: 11
CWE codes:
126
strbuf_splice(&buf2,
ptr-buf2.buf + strlen(":refs/remotes/"),
strlen(rename.old_name), rename.new_name,
strlen(rename.new_name));
} else
warning(_("Not updating non-default fetch refspec\n"
"\t%s\n"
"\tPlease update the configuration manually if necessary."),
buf2.buf);
Reported by FlawFinder.
Line: 779
Column: 23
CWE codes:
126
continue;
strbuf_reset(&buf);
strbuf_addstr(&buf, item->string);
strbuf_splice(&buf, strlen("refs/remotes/"), strlen(rename.old_name),
rename.new_name, strlen(rename.new_name));
strbuf_reset(&buf2);
strbuf_addf(&buf2, "remote: renamed %s to %s",
item->string, buf.buf);
if (rename_ref(item->string, buf.buf, buf2.buf))
Reported by FlawFinder.
Line: 779
Column: 48
CWE codes:
126
continue;
strbuf_reset(&buf);
strbuf_addstr(&buf, item->string);
strbuf_splice(&buf, strlen("refs/remotes/"), strlen(rename.old_name),
rename.new_name, strlen(rename.new_name));
strbuf_reset(&buf2);
strbuf_addf(&buf2, "remote: renamed %s to %s",
item->string, buf.buf);
if (rename_ref(item->string, buf.buf, buf2.buf))
Reported by FlawFinder.
Line: 780
Column: 22
CWE codes:
126
strbuf_reset(&buf);
strbuf_addstr(&buf, item->string);
strbuf_splice(&buf, strlen("refs/remotes/"), strlen(rename.old_name),
rename.new_name, strlen(rename.new_name));
strbuf_reset(&buf2);
strbuf_addf(&buf2, "remote: renamed %s to %s",
item->string, buf.buf);
if (rename_ref(item->string, buf.buf, buf2.buf))
die(_("renaming '%s' failed"), item->string);
Reported by FlawFinder.
compat/mingw.h
20 issues
Line: 123
Column: 19
CWE codes:
362
20
Suggestion:
Reconsider approach
* trivial stubs
*/
static inline int readlink(const char *path, char *buf, size_t bufsiz)
{ errno = ENOSYS; return -1; }
static inline int symlink(const char *oldpath, const char *newpath)
{ errno = ENOSYS; return -1; }
static inline int fchmod(int fildes, mode_t mode)
{ errno = ENOSYS; return -1; }
Reported by FlawFinder.
Line: 255
Column: 9
CWE codes:
362
Suggestion:
Use fchmod( ) instead
#define chdir mingw_chdir
int mingw_chmod(const char *filename, int mode);
#define chmod mingw_chmod
char *mingw_mktemp(char *template);
#define mktemp mingw_mktemp
char *mingw_getcwd(char *pointer, int len);
Reported by FlawFinder.
Line: 248
Column: 8
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
#define write mingw_write
int mingw_access(const char *filename, int mode);
#undef access
#define access mingw_access
int mingw_chdir(const char *dirname);
#define chdir mingw_chdir
Reported by FlawFinder.
Line: 249
Column: 9
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
int mingw_access(const char *filename, int mode);
#undef access
#define access mingw_access
int mingw_chdir(const char *dirname);
#define chdir mingw_chdir
int mingw_chmod(const char *filename, int mode);
Reported by FlawFinder.
Line: 258
Column: 9
CWE codes:
377
#define chmod mingw_chmod
char *mingw_mktemp(char *template);
#define mktemp mingw_mktemp
char *mingw_getcwd(char *pointer, int len);
#define getcwd mingw_getcwd
#ifdef NO_UNSETENV
Reported by FlawFinder.
Line: 409
Column: 9
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
const char *dir,
int fhin, int fhout, int fherr);
int mingw_execvp(const char *cmd, char *const *argv);
#define execvp mingw_execvp
int mingw_execv(const char *cmd, char *const *argv);
#define execv mingw_execv
static inline unsigned int git_ntohl(unsigned int x)
{ return (unsigned int)ntohl(x); }
Reported by FlawFinder.
Line: 411
Column: 9
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
int mingw_execvp(const char *cmd, char *const *argv);
#define execvp mingw_execvp
int mingw_execv(const char *cmd, char *const *argv);
#define execv mingw_execv
static inline unsigned int git_ntohl(unsigned int x)
{ return (unsigned int)ntohl(x); }
#define ntohl git_ntohl
Reported by FlawFinder.
Line: 287
Column: 9
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
*
* We require NO_SETENV (and let gitsetenv() call our mingw_putenv).
*/
#define getenv mingw_getenv
#define putenv mingw_putenv
#define unsetenv mingw_putenv
char *mingw_getenv(const char *name);
int mingw_putenv(const char *name);
Reported by FlawFinder.
Line: 106
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define ITIMER_REAL 0
struct utsname {
char sysname[16];
char nodename[1];
char release[16];
char version[16];
char machine[1];
};
Reported by FlawFinder.
Line: 107
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct utsname {
char sysname[16];
char nodename[1];
char release[16];
char version[16];
char machine[1];
};
Reported by FlawFinder.