The following issues were found
caffe2/quantization/server/l2_minimization_approx_example.cc
2 issues
Line: 20
Column: 40
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
ifstream in(argv[1]);
ofstream out(argv[2]);
bool preserve_sparsity = argc >= 4 ? atoi(argv[3]) : false;
int precision = argc >= 5 ? atoi(argv[4]) : 8;
vector<tuple<int, string, int, string>> infos;
vector<Histogram> hists;
Reported by FlawFinder.
Line: 21
Column: 31
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
ifstream in(argv[1]);
ofstream out(argv[2]);
bool preserve_sparsity = argc >= 4 ? atoi(argv[3]) : false;
int precision = argc >= 5 ? atoi(argv[4]) : 8;
vector<tuple<int, string, int, string>> infos;
vector<Histogram> hists;
string line;
Reported by FlawFinder.
test/bottleneck_test/test_args.py
2 issues
Line: 2
Column: 1
import argparse
import torch
if __name__ == '__main__':
parser = argparse.ArgumentParser()
# Required args. Raises error if they aren't passed.
parser.add_argument('--foo', help='foo', required=True)
parser.add_argument('--bar', help='bar', required=True)
Reported by Pylint.
Line: 1
Column: 1
import argparse
import torch
if __name__ == '__main__':
parser = argparse.ArgumentParser()
# Required args. Raises error if they aren't passed.
parser.add_argument('--foo', help='foo', required=True)
parser.add_argument('--bar', help='bar', required=True)
Reported by Pylint.
test/cpp/tensorexpr/test_conv.cpp
2 issues
Line: 23
#ifdef TORCH_ENABLE_LLVM
TEST(Conv, DepthwiseConv2D) {
te::KernelScope kernel_scope;
constexpr int N = 1, C = 72, H = 56, W = 56;
constexpr int K = 72, R = 3, S = 3;
constexpr int kPad = 1, kStride = 2, kGroups = C;
constexpr int CperG = C / kGroups;
Reported by Cppcheck.
Line: 166
#endif
TEST(Conv, Conv2D) {
te::KernelScope kernel_scope;
// Input dimensions.
constexpr int N = 1;
constexpr int C = 3;
Reported by Cppcheck.
test/mobile/custom_build/prepare_model.py
2 issues
Line: 7
Column: 1
build script to create a tailored build which only contains these used ops.
"""
import torch
import torchvision
import yaml
# Download and trace the model.
model = torchvision.models.mobilenet_v2(pretrained=True)
Reported by Pylint.
Line: 8
Column: 1
"""
import torch
import torchvision
import yaml
# Download and trace the model.
model = torchvision.models.mobilenet_v2(pretrained=True)
model.eval()
Reported by Pylint.
test/mobile/nnc/test_context.cpp
2 issues
Line: 35
} // extern "C"
REGISTER_NNC_KERNEL("slow_mul", slow_mul_kernel)
REGISTER_NNC_KERNEL("dummy", dummy_kernel)
InputSpec create_test_input_spec(const std::vector<int64_t>& sizes) {
InputSpec input_spec;
input_spec.sizes_ = sizes;
Reported by Cppcheck.
Line: 78
Column: 22
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
auto outputs = f.run(c10::impl::toList(input));
auto output = ((const c10::IValue&) outputs[0]).toTensor();
auto expected_output = at::ones({size}, at::kFloat).mul(a * n);
EXPECT_TRUE(output.equal(expected_output));
}
TEST(Function, Serialization) {
Function f;
f.set_name("test_function");
Reported by FlawFinder.
caffe2/quantization/server/l1_minimization_example.cc
2 issues
Line: 20
Column: 40
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
ifstream in(argv[1]);
ofstream out(argv[2]);
bool preserve_sparsity = argc >= 4 ? atoi(argv[3]) : false;
int precision = argc >= 5 ? atoi(argv[4]) : 8;
vector<tuple<int, string, int, string>> infos;
vector<Histogram> hists;
Reported by FlawFinder.
Line: 21
Column: 31
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
ifstream in(argv[1]);
ofstream out(argv[2]);
bool preserve_sparsity = argc >= 4 ? atoi(argv[3]) : false;
int precision = argc >= 5 ? atoi(argv[4]) : 8;
vector<tuple<int, string, int, string>> infos;
vector<Histogram> hists;
string line;
Reported by FlawFinder.
test/cpp/lite_interpreter_runtime/test_lite_interpreter_runtime.cpp
2 issues
Line: 53
ASSERT_EQ(result, expected_result);
}
TEST(RunTimeTest, Delegate) {
std::string filePath(__FILE__);
auto testModelFile = filePath.substr(0, filePath.find_last_of("/\\") + 1);
// "delegate_test.ptl" is generated from test/cpp/jit/test_backend.cpp,
// BackendTest.TestCompiler. This test is on target runtime. It has
// model running capability, but no compilation and serialization.
Reported by Cppcheck.
Line: 73
Column: 29
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
inputs.emplace_back(1.0 * at::ones({}));
auto mres = mlm.forward(inputs);
AT_ASSERT(mres.toTensor().equal(3 * at::ones({})));
}
TEST(RunTimeTest, DelegateException) {
std::string filePath(__FILE__);
auto testModelFile = filePath.substr(0, filePath.find_last_of("/\\") + 1);
Reported by FlawFinder.
caffe2/quantization/server/fbgemm_pack_op.cc
2 issues
Line: 288
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
&Y->original_tensor, filter.sizes(), at::dtype<int8_t>().device(CPU));
auto* buffer = Y->original_tensor.template mutable_data<int8_t>();
CAFFE_ENFORCE_EQ(Y->original_tensor.numel(), W_quantized.size());
memcpy(buffer, W_quantized.data(), W_quantized.size() * sizeof(int8_t));
}
if (this->InputIsType<int8::Int8TensorCPU>(0) && quantize_channelwise_) {
static int log_occurences = 0;
if (log_occurences < 32) {
++log_occurences;
Reported by FlawFinder.
Line: 527
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
&Y->original_tensor, filter.sizes(), at::dtype<int8_t>().device(CPU));
auto* buffer = Y->original_tensor.template mutable_data<int8_t>();
CAFFE_ENFORCE_EQ(Y->original_tensor.numel(), W_quantized.size());
memcpy(buffer, W_quantized.data(), W_quantized.size() * sizeof(int8_t));
}
if (this->InputIsType<int8::Int8TensorCPU>(FILTER) && quantize_groupwise_) {
static int log_occurences = 0;
if (log_occurences < 32) {
Reported by FlawFinder.
test/distributed/elastic/multiprocessing/bin/echo2.py
2 issues
Line: 1
Column: 1
#!/usr/bin/env python3
# Copyright (c) Facebook, Inc. and its affiliates.
# All rights reserved.
#
# This source code is licensed under the BSD-style license found in the
# LICENSE file in the root directory of this source tree.
import argparse
Reported by Pylint.
Line: 21
Column: 5
rank = int(os.environ["RANK"])
if args.raises:
raise RuntimeError(f"raised from {rank}")
else:
print(f"{args.msg} from {rank}")
Reported by Pylint.
test/bottleneck_test/test.py
2 issues
Line: 1
Column: 1
import torch
x = torch.ones((3, 3), requires_grad=True)
(3 * x).sum().backward()
Reported by Pylint.
Line: 1
Column: 1
import torch
x = torch.ones((3, 3), requires_grad=True)
(3 * x).sum().backward()
Reported by Pylint.