The following issues were found
packfile.c
10 issues
Line: 1974
CWE codes:
908
}
hashcpy(oid.hash, sha1);
if (bsearch_pack(&oid, p, &result))
return nth_packed_object_offset(p, result);
return 0;
}
int is_pack_valid(struct packed_git *p)
Reported by Cppcheck.
Line: 375
Column: 8
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (!force_delete) {
strbuf_addstr(&buf, ".keep");
if (!access(buf.buf, F_OK)) {
strbuf_release(&buf);
return;
}
}
Reported by FlawFinder.
Line: 712
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
memcpy(p->pack_name, path, path_len);
xsnprintf(p->pack_name + path_len, alloc - path_len, ".keep");
if (!access(p->pack_name, F_OK))
p->pack_keep = 1;
xsnprintf(p->pack_name + path_len, alloc - path_len, ".promisor");
if (!access(p->pack_name, F_OK))
p->pack_promisor = 1;
Reported by FlawFinder.
Line: 716
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
p->pack_keep = 1;
xsnprintf(p->pack_name + path_len, alloc - path_len, ".promisor");
if (!access(p->pack_name, F_OK))
p->pack_promisor = 1;
xsnprintf(p->pack_name + path_len, alloc - path_len, ".pack");
if (stat(p->pack_name, &st) || !S_ISREG(st.st_mode)) {
free(p);
Reported by FlawFinder.
Line: 239
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t alloc = st_add(strlen(path), 1);
struct packed_git *p = alloc_packed_git(alloc);
memcpy(p->pack_name, path, alloc); /* includes NUL */
hashcpy(p->hash, sha1);
if (check_packed_git_idx(idx_path, p)) {
free(p);
return NULL;
}
Reported by FlawFinder.
Line: 522
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct stat st;
struct pack_header hdr;
unsigned char hash[GIT_MAX_RAWSZ];
unsigned char *idx_hash;
ssize_t read_result;
const unsigned hashsz = the_hash_algo->rawsz;
if (open_pack_index(p))
Reported by FlawFinder.
Line: 709
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
*/
alloc = st_add3(path_len, strlen(".promisor"), 1);
p = alloc_packed_git(alloc);
memcpy(p->pack_name, path, path_len);
xsnprintf(p->pack_name + path_len, alloc - path_len, ".keep");
if (!access(p->pack_name, F_OK))
p->pack_keep = 1;
Reported by FlawFinder.
Line: 1088
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
off_t curpos)
{
const unsigned char *data;
unsigned char delta_head[20], *in;
git_zstream stream;
int st;
memset(&stream, 0, sizeof(stream));
stream.next_out = delta_head;
Reported by FlawFinder.
Line: 236
Column: 24
CWE codes:
126
struct packed_git *parse_pack_index(unsigned char *sha1, const char *idx_path)
{
const char *path = sha1_pack_name(sha1);
size_t alloc = st_add(strlen(path), 1);
struct packed_git *p = alloc_packed_git(alloc);
memcpy(p->pack_name, path, alloc); /* includes NUL */
hashcpy(p->hash, sha1);
if (check_packed_git_idx(idx_path, p)) {
Reported by FlawFinder.
Line: 707
Column: 28
CWE codes:
126
* ".promisor" is long enough to hold any suffix we're adding (and
* the use xsnprintf double-checks that)
*/
alloc = st_add3(path_len, strlen(".promisor"), 1);
p = alloc_packed_git(alloc);
memcpy(p->pack_name, path, path_len);
xsnprintf(p->pack_name + path_len, alloc - path_len, ".keep");
if (!access(p->pack_name, F_OK))
Reported by FlawFinder.
submodule.c
10 issues
Line: 38
Column: 52
CWE codes:
126
*/
int is_gitmodules_unmerged(struct index_state *istate)
{
int pos = index_name_pos(istate, GITMODULES_FILE, strlen(GITMODULES_FILE));
if (pos < 0) { /* .gitmodules not found or isn't merged */
pos = -1 - pos;
if (istate->cache_nr > pos) { /* there is a .gitmodules */
const struct cache_entry *ce = istate->cache[pos];
if (ce_namelen(ce) == strlen(GITMODULES_FILE) &&
Reported by FlawFinder.
Line: 43
Column: 26
CWE codes:
126
pos = -1 - pos;
if (istate->cache_nr > pos) { /* there is a .gitmodules */
const struct cache_entry *ce = istate->cache[pos];
if (ce_namelen(ce) == strlen(GITMODULES_FILE) &&
!strcmp(ce->name, GITMODULES_FILE))
return 1;
}
}
Reported by FlawFinder.
Line: 80
Column: 52
CWE codes:
126
*/
int is_staging_gitmodules_ok(struct index_state *istate)
{
int pos = index_name_pos(istate, GITMODULES_FILE, strlen(GITMODULES_FILE));
if ((pos >= 0) && (pos < istate->cache_nr)) {
struct stat st;
if (lstat(GITMODULES_FILE, &st) == 0 &&
ie_modified(istate, istate->cache[pos], &st, 0) & DATA_CHANGED)
Reported by FlawFinder.
Line: 274
Column: 48
CWE codes:
126
}
parse_pathspec(&ps, 0, 0, NULL, args.v);
ret = match_pathspec(repo->index, &ps, path, strlen(path), 0, NULL, 1);
strvec_clear(&args);
clear_pathspec(&ps);
return ret;
}
Reported by FlawFinder.
Line: 313
Column: 14
CWE codes:
126
if (!prefix)
return;
prefixlen = strlen(prefix);
for (i = 0; i < istate->cache_nr; i++) {
struct cache_entry *ce = istate->cache[i];
int ce_len = ce_namelen(ce);
Reported by FlawFinder.
Line: 1694
Column: 18
CWE codes:
126
buf.buf[0] == '1' ||
buf.buf[0] == '2') {
/* T = line type, XY = status, SSSS = submodule state */
if (buf.len < strlen("T XY SSSS"))
BUG("invalid status --porcelain=2 line %s",
buf.buf);
if (buf.buf[5] == 'S' && buf.buf[8] == 'U')
/* nested untracked file */
Reported by FlawFinder.
Line: 2007
Column: 45
CWE codes:
126
int validate_submodule_git_dir(char *git_dir, const char *submodule_name)
{
size_t len = strlen(git_dir), suffix_len = strlen(submodule_name);
char *p;
int ret = 0;
if (len <= suffix_len || (p = git_dir + len - suffix_len)[-1] != '/' ||
strcmp(p, submodule_name))
Reported by FlawFinder.
Line: 2007
Column: 15
CWE codes:
126
int validate_submodule_git_dir(char *git_dir, const char *submodule_name)
{
size_t len = strlen(git_dir), suffix_len = strlen(submodule_name);
char *p;
int ret = 0;
if (len <= suffix_len || (p = git_dir + len - suffix_len)[-1] != '/' ||
strcmp(p, submodule_name))
Reported by FlawFinder.
Line: 2215
Column: 17
CWE codes:
126
if (starts_with(sb.buf, "160000")) {
int super_sub_len;
int cwd_len = strlen(cwd);
char *super_sub, *super_wt;
/*
* There is a superproject having this repo as a submodule.
* The format is <mode> SP <hash> SP <stage> TAB <full name> \0,
Reported by FlawFinder.
Line: 2224
Column: 19
CWE codes:
126
* We're only interested in the name after the tab.
*/
super_sub = strchr(sb.buf, '\t') + 1;
super_sub_len = strlen(super_sub);
if (super_sub_len > cwd_len ||
strcmp(&cwd[cwd_len - super_sub_len], super_sub))
BUG("returned path string doesn't match cwd?");
Reported by FlawFinder.
trace.h
10 issues
Line: 134
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
/**
* Prints a formatted message, similar to printf.
*/
__attribute__((format (printf, 1, 2)))
void trace_printf(const char *format, ...);
__attribute__((format (printf, 2, 3)))
void trace_printf_key(struct trace_key *key, const char *format, ...);
Reported by FlawFinder.
Line: 137
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
__attribute__((format (printf, 1, 2)))
void trace_printf(const char *format, ...);
__attribute__((format (printf, 2, 3)))
void trace_printf_key(struct trace_key *key, const char *format, ...);
/**
* Prints a formatted message, followed by a quoted list of arguments.
*/
Reported by FlawFinder.
Line: 143
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
/**
* Prints a formatted message, followed by a quoted list of arguments.
*/
__attribute__((format (printf, 2, 3)))
void trace_argv_printf(const char **argv, const char *format, ...);
/**
* Prints the strbuf, without additional formatting (i.e. doesn't
* choke on `%` or even `\0`).
Reported by FlawFinder.
Line: 168
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
* trace_performance(t, "frotz");
* ------------
*/
__attribute__((format (printf, 2, 3)))
void trace_performance(uint64_t nanos, const char *format, ...);
/**
* Prints elapsed time since 'start' if GIT_TRACE_PERFORMANCE is enabled.
*
Reported by FlawFinder.
Line: 181
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
* trace_performance_since(start, "foobar");
* ------------
*/
__attribute__((format (printf, 2, 3)))
void trace_performance_since(uint64_t start, const char *format, ...);
__attribute__((format (printf, 1, 2)))
void trace_performance_leave(const char *format, ...);
Reported by FlawFinder.
Line: 184
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
__attribute__((format (printf, 2, 3)))
void trace_performance_since(uint64_t start, const char *format, ...);
__attribute__((format (printf, 1, 2)))
void trace_performance_leave(const char *format, ...);
#else
/*
Reported by FlawFinder.
Line: 269
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
} while (0)
/* backend functions, use non-*fl macros instead */
__attribute__((format (printf, 4, 5)))
void trace_printf_key_fl(const char *file, int line, struct trace_key *key,
const char *format, ...);
__attribute__((format (printf, 4, 5)))
void trace_argv_printf_fl(const char *file, int line, const char **argv,
const char *format, ...);
Reported by FlawFinder.
Line: 272
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
__attribute__((format (printf, 4, 5)))
void trace_printf_key_fl(const char *file, int line, struct trace_key *key,
const char *format, ...);
__attribute__((format (printf, 4, 5)))
void trace_argv_printf_fl(const char *file, int line, const char **argv,
const char *format, ...);
void trace_strbuf_fl(const char *file, int line, struct trace_key *key,
const struct strbuf *data);
__attribute__((format (printf, 4, 5)))
Reported by FlawFinder.
Line: 277
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
const char *format, ...);
void trace_strbuf_fl(const char *file, int line, struct trace_key *key,
const struct strbuf *data);
__attribute__((format (printf, 4, 5)))
void trace_performance_fl(const char *file, int line,
uint64_t nanos, const char *fmt, ...);
__attribute__((format (printf, 4, 5)))
void trace_performance_leave_fl(const char *file, int line,
uint64_t nanos, const char *fmt, ...);
Reported by FlawFinder.
Line: 280
Column: 24
CWE codes:
134
Suggestion:
Use a constant for the format specification
__attribute__((format (printf, 4, 5)))
void trace_performance_fl(const char *file, int line,
uint64_t nanos, const char *fmt, ...);
__attribute__((format (printf, 4, 5)))
void trace_performance_leave_fl(const char *file, int line,
uint64_t nanos, const char *fmt, ...);
static inline int trace_pass_fl(struct trace_key *key)
{
return key->fd || !key->initialized;
Reported by FlawFinder.
builtin/merge.c
10 issues
Line: 165
Column: 27
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
struct strategy *ret;
static struct cmdnames main_cmds, other_cmds;
static int loaded;
char *default_strategy = getenv("GIT_TEST_MERGE_ALGORITHM");
if (!name)
return NULL;
if (default_strategy &&
Reported by FlawFinder.
Line: 453
Column: 34
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
const struct object_id *head = &head_commit->object.oid;
if (!msg)
strbuf_addstr(&reflog_message, getenv("GIT_REFLOG_ACTION"));
else {
if (verbosity >= 0)
printf("%s\n", msg);
strbuf_addf(&reflog_message, "%s: %s",
getenv("GIT_REFLOG_ACTION"), msg);
Reported by FlawFinder.
Line: 458
Column: 4
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (verbosity >= 0)
printf("%s\n", msg);
strbuf_addf(&reflog_message, "%s: %s",
getenv("GIT_REFLOG_ACTION"), msg);
}
if (squash) {
squash_message(head_commit, remoteheads);
} else {
if (verbosity >= 0 && !merge_msg.len)
Reported by FlawFinder.
Line: 1060
Column: 18
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
static int default_edit_option(void)
{
static const char name[] = "GIT_MERGE_AUTOEDIT";
const char *e = getenv(name);
struct stat st_stdin, st_stdout;
if (have_message)
/* an explicit -m msg without --[no-]edit */
return 0;
Reported by FlawFinder.
Line: 1288
Column: 28
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
skip_prefix(branch, "refs/heads/", &branch);
if (!pull_twohead) {
char *default_strategy = getenv("GIT_TEST_MERGE_ALGORITHM");
if (default_strategy && !strcmp(default_strategy, "ort"))
pull_twohead = "ort";
}
init_diff_ui_defaults();
Reported by FlawFinder.
Line: 340
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void read_empty(const struct object_id *oid, int verbose)
{
int i = 0;
const char *args[7];
args[i++] = "read-tree";
if (verbose)
args[i++] = "-v";
args[i++] = "-m";
Reported by FlawFinder.
Line: 358
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void reset_hard(const struct object_id *oid, int verbose)
{
int i = 0;
const char *args[6];
args[i++] = "read-tree";
if (verbose)
args[i++] = "-v";
args[i++] = "--reset";
Reported by FlawFinder.
Line: 1139
Column: 7
CWE codes:
362
merge_names = &fetch_head_file;
filename = git_path_fetch_head(the_repository);
fd = open(filename, O_RDONLY);
if (fd < 0)
die_errno(_("could not open '%s' for reading"), filename);
if (strbuf_read(merge_names, fd, 0) < 0)
die_errno(_("could not read '%s'"), filename);
Reported by FlawFinder.
Line: 517
Column: 23
CWE codes:
126
if (!remote_head)
die(_("'%s' does not point to a commit"), remote);
if (dwim_ref(remote, strlen(remote), &branch_head, &found_ref, 0) > 0) {
if (starts_with(found_ref, "refs/heads/")) {
strbuf_addf(msg, "%s\t\tbranch '%s' of .\n",
oid_to_hex(&branch_head), remote);
goto cleanup;
}
Reported by FlawFinder.
Line: 536
Column: 31
CWE codes:
126
}
/* See if remote matches <name>^^^.. or <name>~<number> */
for (len = 0, ptr = remote + strlen(remote);
remote < ptr && ptr[-1] == '^';
ptr--)
len++;
if (len)
early = 1;
Reported by FlawFinder.
editor.c
9 issues
Line: 13
Column: 25
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
int is_terminal_dumb(void)
{
const char *terminal = getenv("TERM");
return !terminal || !strcmp(terminal, "dumb");
}
const char *git_editor(void)
{
Reported by FlawFinder.
Line: 19
Column: 23
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
const char *git_editor(void)
{
const char *editor = getenv("GIT_EDITOR");
int terminal_is_dumb = is_terminal_dumb();
if (!editor && editor_program)
editor = editor_program;
if (!editor && !terminal_is_dumb)
Reported by FlawFinder.
Line: 25
Column: 12
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (!editor && editor_program)
editor = editor_program;
if (!editor && !terminal_is_dumb)
editor = getenv("VISUAL");
if (!editor)
editor = getenv("EDITOR");
if (!editor && terminal_is_dumb)
return NULL;
Reported by FlawFinder.
Line: 27
Column: 12
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (!editor && !terminal_is_dumb)
editor = getenv("VISUAL");
if (!editor)
editor = getenv("EDITOR");
if (!editor && terminal_is_dumb)
return NULL;
if (!editor)
Reported by FlawFinder.
Line: 40
Column: 23
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
const char *git_sequence_editor(void)
{
const char *editor = getenv("GIT_SEQUENCE_EDITOR");
if (!editor)
git_config_get_string_tmp("sequence.editor", &editor);
if (!editor)
editor = git_editor();
Reported by FlawFinder.
Line: 79
Column: 20
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
fflush(stderr);
}
strbuf_realpath(&realpath, path, 1);
args[1] = realpath.buf;
p.argv = args;
p.env = env;
p.use_shell = 1;
Reported by FlawFinder.
Line: 80
Column: 13
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
}
strbuf_realpath(&realpath, path, 1);
args[1] = realpath.buf;
p.argv = args;
p.env = env;
p.use_shell = 1;
p.trace2_child_class = "editor";
Reported by FlawFinder.
Line: 87
Column: 20
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
p.use_shell = 1;
p.trace2_child_class = "editor";
if (start_command(&p) < 0) {
strbuf_release(&realpath);
return error("unable to start editor '%s'", editor);
}
sigchain_push(SIGINT, SIG_IGN);
sigchain_push(SIGQUIT, SIG_IGN);
Reported by FlawFinder.
Line: 94
Column: 19
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
sigchain_push(SIGINT, SIG_IGN);
sigchain_push(SIGQUIT, SIG_IGN);
ret = finish_command(&p);
strbuf_release(&realpath);
sig = ret - 128;
sigchain_pop(SIGINT);
sigchain_pop(SIGQUIT);
if (sig == SIGINT || sig == SIGQUIT)
raise(sig);
Reported by FlawFinder.
trailer.c
9 issues
Line: 87
Column: 48
CWE codes:
126
if (!a->token)
return 0;
a_len = token_len_without_separator(a->token, strlen(a->token));
b_len = token_len_without_separator(b->token, strlen(b->token));
min_len = (a_len > b_len) ? b_len : a_len;
return !strncasecmp(a->token, b->token, min_len);
}
Reported by FlawFinder.
Line: 88
Column: 48
CWE codes:
126
return 0;
a_len = token_len_without_separator(a->token, strlen(a->token));
b_len = token_len_without_separator(b->token, strlen(b->token));
min_len = (a_len > b_len) ? b_len : a_len;
return !strncasecmp(a->token, b->token, min_len);
}
Reported by FlawFinder.
Line: 116
Column: 36
CWE codes:
126
{
const char *ptr = strstr(sb->buf, a);
if (ptr)
strbuf_splice(sb, ptr - sb->buf, strlen(a), b, strlen(b));
}
static void free_trailer_item(struct trailer_item *item)
{
free(item->token);
Reported by FlawFinder.
Line: 116
Column: 50
CWE codes:
126
{
const char *ptr = strstr(sb->buf, a);
if (ptr)
strbuf_splice(sb, ptr - sb->buf, strlen(a), b, strlen(b));
}
static void free_trailer_item(struct trailer_item *item)
{
free(item->token);
Reported by FlawFinder.
Line: 140
Column: 11
CWE codes:
126
static char last_non_space_char(const char *s)
{
int i;
for (i = strlen(s) - 1; i >= 0; i--)
if (!isspace(s[i]))
return s[i];
return '\0';
}
Reported by FlawFinder.
Line: 171
Column: 29
CWE codes:
126
struct trailer_item *item;
list_for_each(pos, head) {
item = list_entry(pos, struct trailer_item, list);
if ((!opts->trim_empty || strlen(item->value) > 0) &&
(!opts->only_trailers || item->token))
print_tok_val(outfile, item->token, item->value);
}
}
Reported by FlawFinder.
Line: 1097
Column: 17
CWE codes:
126
ensure_configured();
if (opts->no_divider)
patch_start = strlen(str);
else
patch_start = find_patch_start(str);
trailer_end = find_trailer_end(str, patch_start);
trailer_start = find_trailer_start(str, trailer_end);
Reported by FlawFinder.
Line: 1111
Column: 30
CWE codes:
126
for (ptr = trailer_lines; *ptr; ptr++) {
if (last && isspace((*ptr)->buf[0])) {
struct strbuf sb = STRBUF_INIT;
strbuf_attach(&sb, *last, strlen(*last), strlen(*last));
strbuf_addbuf(&sb, *ptr);
*last = strbuf_detach(&sb, NULL);
continue;
}
ALLOC_GROW(trailer_strings, nr + 1, alloc);
Reported by FlawFinder.
Line: 1111
Column: 45
CWE codes:
126
for (ptr = trailer_lines; *ptr; ptr++) {
if (last && isspace((*ptr)->buf[0])) {
struct strbuf sb = STRBUF_INIT;
strbuf_attach(&sb, *last, strlen(*last), strlen(*last));
strbuf_addbuf(&sb, *ptr);
*last = strbuf_detach(&sb, NULL);
continue;
}
ALLOC_GROW(trailer_strings, nr + 1, alloc);
Reported by FlawFinder.
add-interactive.h
9 issues
Line: 9
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct add_i_state {
struct repository *r;
int use_color;
char header_color[COLOR_MAXLEN];
char help_color[COLOR_MAXLEN];
char prompt_color[COLOR_MAXLEN];
char error_color[COLOR_MAXLEN];
char reset_color[COLOR_MAXLEN];
char fraginfo_color[COLOR_MAXLEN];
Reported by FlawFinder.
Line: 10
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct repository *r;
int use_color;
char header_color[COLOR_MAXLEN];
char help_color[COLOR_MAXLEN];
char prompt_color[COLOR_MAXLEN];
char error_color[COLOR_MAXLEN];
char reset_color[COLOR_MAXLEN];
char fraginfo_color[COLOR_MAXLEN];
char context_color[COLOR_MAXLEN];
Reported by FlawFinder.
Line: 11
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int use_color;
char header_color[COLOR_MAXLEN];
char help_color[COLOR_MAXLEN];
char prompt_color[COLOR_MAXLEN];
char error_color[COLOR_MAXLEN];
char reset_color[COLOR_MAXLEN];
char fraginfo_color[COLOR_MAXLEN];
char context_color[COLOR_MAXLEN];
char file_old_color[COLOR_MAXLEN];
Reported by FlawFinder.
Line: 12
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char header_color[COLOR_MAXLEN];
char help_color[COLOR_MAXLEN];
char prompt_color[COLOR_MAXLEN];
char error_color[COLOR_MAXLEN];
char reset_color[COLOR_MAXLEN];
char fraginfo_color[COLOR_MAXLEN];
char context_color[COLOR_MAXLEN];
char file_old_color[COLOR_MAXLEN];
char file_new_color[COLOR_MAXLEN];
Reported by FlawFinder.
Line: 13
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char help_color[COLOR_MAXLEN];
char prompt_color[COLOR_MAXLEN];
char error_color[COLOR_MAXLEN];
char reset_color[COLOR_MAXLEN];
char fraginfo_color[COLOR_MAXLEN];
char context_color[COLOR_MAXLEN];
char file_old_color[COLOR_MAXLEN];
char file_new_color[COLOR_MAXLEN];
Reported by FlawFinder.
Line: 14
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char prompt_color[COLOR_MAXLEN];
char error_color[COLOR_MAXLEN];
char reset_color[COLOR_MAXLEN];
char fraginfo_color[COLOR_MAXLEN];
char context_color[COLOR_MAXLEN];
char file_old_color[COLOR_MAXLEN];
char file_new_color[COLOR_MAXLEN];
int use_single_key;
Reported by FlawFinder.
Line: 15
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char error_color[COLOR_MAXLEN];
char reset_color[COLOR_MAXLEN];
char fraginfo_color[COLOR_MAXLEN];
char context_color[COLOR_MAXLEN];
char file_old_color[COLOR_MAXLEN];
char file_new_color[COLOR_MAXLEN];
int use_single_key;
char *interactive_diff_filter, *interactive_diff_algorithm;
Reported by FlawFinder.
Line: 16
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char reset_color[COLOR_MAXLEN];
char fraginfo_color[COLOR_MAXLEN];
char context_color[COLOR_MAXLEN];
char file_old_color[COLOR_MAXLEN];
char file_new_color[COLOR_MAXLEN];
int use_single_key;
char *interactive_diff_filter, *interactive_diff_algorithm;
};
Reported by FlawFinder.
Line: 17
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char fraginfo_color[COLOR_MAXLEN];
char context_color[COLOR_MAXLEN];
char file_old_color[COLOR_MAXLEN];
char file_new_color[COLOR_MAXLEN];
int use_single_key;
char *interactive_diff_filter, *interactive_diff_algorithm;
};
Reported by FlawFinder.
builtin/clean.c
9 issues
Line: 166
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
is_nonbare_repository_dir(path)) {
if (!quiet) {
quote_path(path->buf, prefix, "ed, 0);
printf(dry_run ? _(msg_would_skip_git_dir) : _(msg_skip_git_dir),
quoted.buf);
}
*dir_gone = 0;
goto out;
Reported by FlawFinder.
Line: 250
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
if (!*dir_gone && !quiet) {
int i;
for (i = 0; i < dels.nr; i++)
printf(dry_run ? _(msg_would_remove) : _(msg_remove), dels.items[i].string);
}
out:
strbuf_release("ed);
string_list_clear(&dels, 0);
return ret;
Reported by FlawFinder.
Line: 299
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
static void prompt_help_cmd(int singleton)
{
clean_print_color(CLEAN_COLOR_HELP);
printf(singleton ?
_("Prompt help:\n"
"1 - select a numbered item\n"
"foo - select item based on unique prefix\n"
" - (empty) select nothing\n") :
_("Prompt help:\n"
Reported by FlawFinder.
Line: 1045
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
errors++;
if (gone && !quiet) {
qname = quote_path(item->string, NULL, &buf, 0);
printf(dry_run ? _(msg_would_remove) : _(msg_remove), qname);
}
} else {
res = dry_run ? 0 : unlink(abs_path.buf);
if (res) {
int saved_errno = errno;
Reported by FlawFinder.
Line: 1057
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
errors++;
} else if (!quiet) {
qname = quote_path(item->string, NULL, &buf, 0);
printf(dry_run ? _(msg_would_remove) : _(msg_remove), qname);
}
}
}
strbuf_release(&abs_path);
Reported by FlawFinder.
Line: 499
Column: 13
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
}
if (is_number) {
bottom = atoi((*ptr)->buf);
top = bottom;
} else if (is_range) {
bottom = atoi((*ptr)->buf);
/* a range can be specified like 5-7 or 5- */
if (!*(strchr((*ptr)->buf, '-') + 1))
Reported by FlawFinder.
Line: 502
Column: 13
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
bottom = atoi((*ptr)->buf);
top = bottom;
} else if (is_range) {
bottom = atoi((*ptr)->buf);
/* a range can be specified like 5-7 or 5- */
if (!*(strchr((*ptr)->buf, '-') + 1))
top = menu_stuff->nr;
else
top = atoi(strchr((*ptr)->buf, '-') + 1);
Reported by FlawFinder.
Line: 507
Column: 11
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
if (!*(strchr((*ptr)->buf, '-') + 1))
top = menu_stuff->nr;
else
top = atoi(strchr((*ptr)->buf, '-') + 1);
} else if (!strcmp((*ptr)->buf, "*")) {
bottom = 1;
top = menu_stuff->nr;
} else {
bottom = find_unique((*ptr)->buf, menu_stuff);
Reported by FlawFinder.
Line: 379
Column: 8
CWE codes:
126
struct string_list_item *string_list_item;
int i, len, found = 0;
len = strlen(choice);
switch (menu_stuff->type) {
default:
die("Bad type of menu_stuff when parse choice");
case MENU_STUFF_TYPE_MENU_ITEM:
Reported by FlawFinder.
builtin/checkout.c
9 issues
Line: 996
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
strbuf_addf(&sb, _(" ... and %d more.\n"), more);
}
fprintf(stderr,
Q_(
/* The singular version */
"Warning: you are leaving %d commit behind, "
"not connected to\n"
"any of your branches:\n\n"
Reported by FlawFinder.
Line: 1015
Column: 3
CWE codes:
134
Suggestion:
Use a constant for the format specification
strbuf_release(&sb);
if (advice_detached_head)
fprintf(stderr,
Q_(
/* The singular version */
"If you want to keep it by creating a new branch, "
"this may be a good time\nto do so with:\n\n"
" git branch <new-branch-name> %s\n\n",
Reported by FlawFinder.
Line: 907
Column: 15
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (!old_desc && old_branch_info->commit)
old_desc = oid_to_hex(&old_branch_info->commit->object.oid);
reflog_msg = getenv("GIT_REFLOG_ACTION");
if (!reflog_msg)
strbuf_addf(&msg, "checkout: moving from %s to %s",
old_desc ? old_desc : "(invalid)", new_branch_info->name);
else
strbuf_insertstr(&msg, 0, reflog_msg);
Reported by FlawFinder.
Line: 131
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
len = base->len + strlen(pathname);
ce = make_empty_cache_entry(&the_index, len);
oidcpy(&ce->oid, oid);
memcpy(ce->name, base->buf, base->len);
memcpy(ce->name + base->len, pathname, len - base->len);
ce->ce_flags = create_ce_flags(0) | CE_UPDATE;
ce->ce_namelen = len;
ce->ce_mode = create_ce_mode(mode);
Reported by FlawFinder.
Line: 132
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ce = make_empty_cache_entry(&the_index, len);
oidcpy(&ce->oid, oid);
memcpy(ce->name, base->buf, base->len);
memcpy(ce->name + base->len, pathname, len - base->len);
ce->ce_flags = create_ce_flags(0) | CE_UPDATE;
ce->ce_namelen = len;
ce->ce_mode = create_ce_mode(mode);
/*
Reported by FlawFinder.
Line: 490
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (opts->patch_mode) {
const char *patch_mode;
const char *rev = new_branch_info->name;
char rev_oid[GIT_MAX_HEXSZ + 1];
/*
* Since rev can be in the form of `<a>...<b>` (which is not
* recognized by diff-index), we will always replace the name
* with the hex of the commit (whether it's in `...` form or
Reported by FlawFinder.
Line: 128
Column: 20
CWE codes:
126
if (S_ISDIR(mode))
return READ_TREE_RECURSIVE;
len = base->len + strlen(pathname);
ce = make_empty_cache_entry(&the_index, len);
oidcpy(&ce->oid, oid);
memcpy(ce->name, base->buf, base->len);
memcpy(ce->name + base->len, pathname, len - base->len);
ce->ce_flags = create_ce_flags(0) | CE_UPDATE;
Reported by FlawFinder.
Line: 685
Column: 30
CWE codes:
126
* If this is a ref, resolve it; otherwise, look up the OID for our
* expression. Failure here is okay.
*/
if (!dwim_ref(branch->name, strlen(branch->name), &branch->oid, &branch->refname, 0))
repo_get_oid_committish(the_repository, branch->name, &branch->oid);
strbuf_branchname(&buf, branch->name, INTERPRET_BRANCH_LOCAL);
if (strcmp(buf.buf, branch->name))
branch->name = xstrdup(buf.buf);
Reported by FlawFinder.
Line: 1381
Column: 34
CWE codes:
126
struct object_id oid;
char *to_free;
if (dwim_ref(branch_info->name, strlen(branch_info->name), &oid, &to_free, 0) == 1) {
const char *ref = to_free;
if (skip_prefix(ref, "refs/tags/", &ref))
die(_("a branch is expected, got tag '%s'"), ref);
if (skip_prefix(ref, "refs/remotes/", &ref))
Reported by FlawFinder.
builtin/mv.c
9 issues
Line: 56
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* Prefix the pathspec and free the old intermediate strings */
for (i = 0; i < count; i++) {
const char *match = prefix_path(prefix, prefixlen, result[i]);
free((char *) result[i]);
result[i] = match;
}
return result;
}
Reported by FlawFinder.
Line: 68
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t len = strlen(path);
if (path[len - 1] != '/') {
char *with_slash = xmalloc(st_add(len, 2));
memcpy(with_slash, path, len);
with_slash[len++] = '/';
with_slash[len] = 0;
return with_slash;
}
return path;
Reported by FlawFinder.
Line: 31
Column: 27
CWE codes:
126
{
int i;
const char **result;
int prefixlen = prefix ? strlen(prefix) : 0;
ALLOC_ARRAY(result, count + 1);
/* Create an intermediate copy of the pathspec based on the flags */
for (i = 0; i < count; i++) {
int length = strlen(pathspec[i]);
Reported by FlawFinder.
Line: 36
Column: 16
CWE codes:
126
/* Create an intermediate copy of the pathspec based on the flags */
for (i = 0; i < count; i++) {
int length = strlen(pathspec[i]);
int to_copy = length;
char *it;
while (!(flags & KEEP_TRAILING_SLASH) &&
to_copy > 0 && is_dir_sep(pathspec[i][to_copy - 1]))
to_copy--;
Reported by FlawFinder.
Line: 65
Column: 15
CWE codes:
126
static const char *add_slash(const char *path)
{
size_t len = strlen(path);
if (path[len - 1] != '/') {
char *with_slash = xmalloc(st_add(len, 2));
memcpy(with_slash, path, len);
with_slash[len++] = '/';
with_slash[len] = 0;
Reported by FlawFinder.
Line: 183
Column: 12
CWE codes:
126
if (show_only)
printf(_("Checking rename of '%s' to '%s'\n"), src, dst);
length = strlen(src);
if (lstat(src, &st) < 0)
bad = _("bad source");
else if (!strncmp(src, dst, length) &&
(dst[length] == 0 || dst[length] == '/')) {
bad = _("can not move directory into itself");
Reported by FlawFinder.
Line: 212
Column: 15
CWE codes:
126
REALLOC_ARRAY(submodule_gitfile, n);
dst = add_slash(dst);
dst_len = strlen(dst);
for (j = 0; j < last - first; j++) {
const char *path = active_cache[first + j]->name;
source[argc + j] = path;
destination[argc + j] =
Reported by FlawFinder.
Line: 245
Column: 27
CWE codes:
126
}
} else if (string_list_has_string(&src_for_dst, dst))
bad = _("multiple sources for the same target");
else if (is_dir_sep(dst[strlen(dst) - 1]))
bad = _("destination directory does not exist");
else
string_list_insert(&src_for_dst, dst);
if (!bad)
Reported by FlawFinder.
Line: 294
Column: 29
CWE codes:
126
if (mode == WORKING_DIRECTORY)
continue;
pos = cache_name_pos(src, strlen(src));
assert(pos >= 0);
rename_cache_entry_at(pos, dst);
}
if (gitmodules_modified)
Reported by FlawFinder.