The following issues were found
oidtree.c
1 issues
Line: 46
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* respect the 4-byte alignment needed by struct object_id.
*/
oidcpy_with_padding(&k, oid);
memcpy(on->k, &k, sizeof(k));
/*
* n.b. Current callers won't get us duplicates, here. If a
* future caller causes duplicates, there'll be a a small leak
* that won't be freed until oidtree_clear. Currently it's not
Reported by FlawFinder.
pack-bitmap.c
1 issues
Line: 645
CWE codes:
562
revs->include_check = should_include;
revs->include_check_obj = should_include_obj;
revs->include_check_data = &incdata;
if (prepare_revision_walk(revs))
die("revision walk setup failed");
show_data.bitmap_git = bitmap_git;
Reported by Cppcheck.
pack-check.c
1 issues
Line: 57
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
off_t index_size = p->index_size;
const unsigned char *index_base = p->index_data;
git_hash_ctx ctx;
unsigned char hash[GIT_MAX_RAWSZ], *pack_sig;
off_t offset = 0, pack_sig_ofs = 0;
uint32_t nr_objects, i;
int err = 0;
struct idx_entry *entries;
Reported by FlawFinder.
worktree.h
1 issues
Line: 166
Column: 25
CWE codes:
134
Suggestion:
Use a constant for the format specification
*/
const char *worktree_git_path(const struct worktree *wt,
const char *fmt, ...)
__attribute__((format (printf, 2, 3)));
/*
* Parse a worktree ref (i.e. with prefix main-worktree/ or
* worktrees/) and return the position of the worktree's name and
* length (or NULL and zero if it's main worktree), and ref.
Reported by FlawFinder.
cache-tree.c
1 issues
Line: 99
Column: 16
CWE codes:
126
struct cache_tree_sub *cache_tree_sub(struct cache_tree *it, const char *path)
{
int pathlen = strlen(path);
return find_subtree(it, path, pathlen, 1);
}
static int do_invalidate_path(struct cache_tree *it, const char *path)
{
Reported by FlawFinder.
blame.h
1 issues
Line: 64
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* blame list instead of other commits
*/
char guilty;
char path[FLEX_ARRAY];
};
/*
* Each group of lines is described by a blame_entry; it can be split
* as we pass blame to the parents. They are arranged in linked lists
Reported by FlawFinder.
builtin/unpack-objects.c
1 issues
Line: 21
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const char unpack_usage[] = "git unpack-objects [-n] [-q] [-r] [--strict]";
/* We always read in 4kB chunks. */
static unsigned char buffer[4096];
static unsigned int offset, len;
static off_t consumed_bytes;
static off_t max_input_size;
static git_hash_ctx ctx;
static struct fsck_options fsck_options = FSCK_OPTIONS_STRICT;
Reported by FlawFinder.
builtin/unpack-file.c
1 issues
Line: 7
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static char *create_temp_file(struct object_id *oid)
{
static char path[50];
void *buf;
enum object_type type;
unsigned long size;
int fd;
Reported by FlawFinder.
builtin/sparse-checkout.c
1 issues
Line: 190
Column: 7
CWE codes:
126
for (i = 0; i < sl.nr; i++) {
char *pattern = escaped_pattern(sl.items[i].string);
if (strlen(pattern))
fprintf(fp, "%s/\n!%s/*/\n", pattern, pattern);
free(pattern);
}
string_list_clear(&sl, 0);
Reported by FlawFinder.
ppc/sha1.h
1 issues
Line: 13
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint32_t cnt;
uint64_t len;
union {
unsigned char b[64];
uint64_t l[8];
} buf;
} ppc_SHA_CTX;
int ppc_SHA1_Init(ppc_SHA_CTX *c);
Reported by FlawFinder.