The following issues were found:
builtin/range-diff.c
1 issue
Line: 81
Column: 12
CWE codes:
126
a_len = (int)(b - a);
if (!a_len) {
a = "HEAD";
a_len = strlen(a);
}
b += 3;
if (!*b)
b = "HEAD";
strbuf_addf(&range1, "%s..%.*s", b, a_len, a);
Reported by FlawFinder.
reset.c
1 issue
Line: 93
Column: 18
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
}
reset_head_refs:
reflog_action = getenv(GIT_REFLOG_ACTION_ENVIRONMENT);
strbuf_addf(&msg, "%s: ", reflog_action ? reflog_action : default_reflog_action);
prefix_len = msg.len;
if (update_orig_head) {
if (!get_oid("ORIG_HEAD", &oid_old_orig))
Reported by FlawFinder.
resolve-undo.c
1 issue
Line: 67
Column: 9
CWE codes:
126
struct string_list_item *lost;
struct resolve_undo_info *ui;
len = strlen(data) + 1;
if (size <= len)
goto error;
lost = string_list_insert(resolve_undo, data);
if (!lost->util)
lost->util = xcalloc(1, sizeof(*ui));
Reported by FlawFinder.
builtin/pull.c
1 issue
Line: 953
Column: 7
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
int rebase_unspecified = 0;
int can_ff;
if (!getenv("GIT_REFLOG_ACTION"))
set_reflog_message(argc, argv);
git_config(git_pull_config, NULL);
argc = parse_options(argc, argv, prefix, pull_options, pull_usage, 0);
Reported by FlawFinder.
send-pack.c
1 issue
Line: 436
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
die(_("send-pack: unable to fork off fetch subprocess"));
do {
char hex_hash[GIT_MAX_HEXSZ + 1];
int read_len = read_in_full(child.out, hex_hash, len);
struct object_id oid;
const char *end;
if (!read_len)
Reported by FlawFinder.
builtin/name-rev.c
1 issue
Line: 608
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
name_tips();
if (transform_stdin) {
char buffer[2048];
while (!feof(stdin)) {
char *p = fgets(buffer, sizeof(buffer), stdin);
if (!p)
break;
Reported by FlawFinder.
builtin/merge-tree.c
1 issue
Line: 136
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
printf("%s\n", explanation(entry));
do {
struct merge_list *link = entry->link;
static const char *desc[4] = { "result", "base", "our", "their" };
printf(" %-6s %o %s %s\n", desc[entry->stage], entry->mode, oid_to_hex(&entry->blob->object.oid), entry->path);
entry = link;
} while (entry);
}
Reported by FlawFinder.
sha1dc/sha1.h
1 issue
Line: 42
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct {
uint64_t total;
uint32_t ihv[5];
unsigned char buffer[64];
int found_collision;
int safe_hash;
int detect_coll;
int ubc_check;
int reduced_round_coll;
Reported by FlawFinder.
sha1dc/ubc_check.h
1 issue
Line: 49
#endif
#ifdef SHA1DC_CUSTOM_TRAILING_INCLUDE_UBC_CHECK_H
#include SHA1DC_CUSTOM_TRAILING_INCLUDE_UBC_CHECK_H
#endif
#endif
Reported by Cppcheck.
sha1dc_git.c
1 issue
Line: 17
Column: 31
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
* Same as SHA1DCFinal, but convert collision attack case into a verbose die().
*/
void git_SHA1DCFinal(unsigned char hash[20], SHA1_CTX *ctx)
{
if (!SHA1DCFinal(hash, ctx))
return;
die("SHA-1 appears to be part of a collision attack: %s",
hash_to_hex_algop(hash, &hash_algos[GIT_HASH_SHA1]));
Reported by FlawFinder.