The following issues were found
caffe2/utils/proto_utils_test.cc
2 issues
Line: 25
EXPECT_FALSE(IsSameDevice(a, b));
}
TEST(ProtoUtilsTest, SimpleReadWrite) {
string content("The quick brown fox jumps over the lazy dog.");
string name = std::tmpnam(nullptr);
EXPECT_TRUE(WriteStringToFile(content, name.c_str()));
string read_back;
EXPECT_TRUE(ReadStringFromFile(name.c_str(), &read_back));
Reported by Cppcheck.
Line: 27
Column: 22
CWE codes:
377
// Round-trip test: writes a fixed string to a temporary path and checks that
// reading the same path back yields identical content.
TEST(ProtoUtilsTest, SimpleReadWrite) {
string content("The quick brown fox jumps over the lazy dog.");
// CWE-377: std::tmpnam only returns a file name. The file itself is
// presumably created later by the WriteStringToFile call, so another process
// can create or symlink that path in between. An API that creates and opens
// the file in one step (for example POSIX mkstemp) closes that window.
string name = std::tmpnam(nullptr);
EXPECT_TRUE(WriteStringToFile(content, name.c_str()));
string read_back;
EXPECT_TRUE(ReadStringFromFile(name.c_str(), &read_back));
EXPECT_EQ(content, read_back);
// NOTE(review): nothing in this test body removes the temporary file.
}
Reported by FlawFinder.
test/cpp_extensions/no_python_abi_suffix_test/setup.py
2 issues
Line: 2
Column: 1
from setuptools import setup
from torch.utils.cpp_extension import BuildExtension, CppExtension
setup(
name="no_python_abi_suffix_test",
ext_modules=[
CppExtension("no_python_abi_suffix_test", ["no_python_abi_suffix_test.cpp"])
],
cmdclass={"build_ext": BuildExtension.with_options(no_python_abi_suffix=True)},
Reported by Pylint.
Line: 1
Column: 1
from setuptools import setup
from torch.utils.cpp_extension import BuildExtension, CppExtension
setup(
name="no_python_abi_suffix_test",
ext_modules=[
CppExtension("no_python_abi_suffix_test", ["no_python_abi_suffix_test.cpp"])
],
cmdclass={"build_ext": BuildExtension.with_options(no_python_abi_suffix=True)},
Reported by Pylint.
caffe2/video/video_input_op.h
2 issues
Line: 589
Column: 5
CWE codes:
120
Suggestion:
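Make sure the destination can always hold the source data. In the excerpt below the copy length is image_proto.byte_data().size(), while the destination appears to be sized from image_proto.dims(0), image_proto.dims(1) and the channel count; the lines shown do not compare the two before the copy, so confirm that such a check exists or add one.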
image_proto.dims(0),
image_proto.dims(1),
(src_c == 3) ? CV_8UC3 : CV_8UC1);
memcpy(
src.ptr<uchar>(0),
image_proto.byte_data().data(),
image_proto.byte_data().size());
} else {
throw std::runtime_error(
Reported by FlawFinder.
Line: 622
Column: 3
CWE codes:
120
Suggestion:
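Make sure the destination can always hold the source data. In the excerpt below the destination is allocated with the same element count that is copied (scale_h_ * scale_w_ * channels_rgb_), so what remains to confirm is that rgb_img.data holds at least that many bytes and that the size product cannot overflow.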
CAFFE_ENFORCE(rgb_img.isContinuous());
unsigned char* data = new unsigned char[scale_h_ * scale_w_ * channels_rgb_];
memcpy(
data,
rgb_img.data,
scale_h_ * scale_w_ * channels_rgb_ * sizeof(unsigned char));
buffer_rgb.push_back(data);
width = scale_w_;
Reported by FlawFinder.
test/cpp/api/moduledict.cpp
2 issues
Line: 159
Column: 20
CWE codes:
126
Suggestion:
The three-iterator form of std::equal is often discouraged by most C++ coding standards in favor of the safer alternatives provided since C++14. Consider using the form that also takes the end of the second range, so that the second iterator is checked before it can be read past its end.
const auto& values = dict->values();
const auto& expected = ordereddict.values();
ASSERT_EQ(values, expected);
ASSERT_TRUE(std::equal(
dict->begin(),
dict->end(),
ordereddict.begin(),
[](const auto& lhs,
const auto& rhs) {
Reported by FlawFinder.
Line: 191
Column: 20
CWE codes:
126
Suggestion:
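The three-iterator form of std::equal is often discouraged by most C++ coding standards in favor of the safer alternatives provided since C++14. Consider using the form that also takes the end of the second range, so that the second iterator is checked before it can be read past its end. In the excerpt below, ASSERT_EQ(first->size(), second->size()) runs first; assuming it is GoogleTest's fatal assertion, the comparison is only reached when both ranges have the same length, so the change here is a hardening of style rather than a fix for a reachable over-read.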
ModuleDict second(ordereddict);
ASSERT_EQ(first->size(), second->size());
ASSERT_TRUE(std::equal(
first->begin(),
first->end(),
second->begin(),
[](const auto& lhs,
const auto& rhs) {
Reported by FlawFinder.
caffe2/serialize/istream_adapter.cc
2 issues
Line: 21
Column: 24
CWE codes:
120
20
return result;
}
size_t IStreamAdapter::read(uint64_t pos, void* buf, size_t n, const char* what)
const {
istream_->seekg(pos);
validate(what);
istream_->read(static_cast<char*>(buf), n);
validate(what);
Reported by FlawFinder.
Line: 25
Column: 13
CWE codes:
120
20
const {
istream_->seekg(pos);
validate(what);
istream_->read(static_cast<char*>(buf), n);
validate(what);
return n;
}
void IStreamAdapter::validate(const char* what) const {
Reported by FlawFinder.
test/distributed/bin/test_script.py
2 issues
Line: 1
Column: 1
#!/usr/bin/env python3
# Copyright (c) Facebook, Inc. and its affiliates.
# All rights reserved.
#
# This source code is licensed under the BSD-style license found in the
# LICENSE file in the root directory of this source tree.
Reported by Pylint.
Line: 10
Column: 1
# LICENSE file in the root directory of this source tree.
def main():
print("Success, smoke test")
if __name__ == "__main__":
main()
Reported by Pylint.
test/cpp/jit/test_argument_spec.cpp
2 issues
Line: 48
}
} // namespace
TEST(ArgumentSpecTest, CompleteArgumentSpec_CUDA) {
auto const CF = at::CPU(at::kFloat);
auto const CD = at::CPU(at::kDouble);
auto const GF = at::CUDA(at::kFloat);
auto const GD = at::CUDA(at::kDouble);
Reported by Cppcheck.
Line: 19
Column: 12
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
// Returns true when lhs and rhs have the same length and equal elements.
// The size comparison is evaluated first and short-circuits, so the
// three-iterator std::equal below is never called with a shorter rhs and
// cannot read past its end. The four-iterator overload (C++14) would make
// that bound explicit at the call site.
bool isEqual(at::IntArrayRef lhs, at::IntArrayRef rhs) {
return lhs.size() == rhs.size() &&
std::equal(lhs.begin(), lhs.end(), rhs.begin());
}
bool isEqual(const CompleteArgumentInfo& ti, const autograd::Variable& v) {
if (!ti.defined())
return ti.defined() == v.defined();
Reported by FlawFinder.
test/cpp/jit/test_save_load.cpp
2 issues
Line: 47
ASSERT_EQ(loaded_extra_files["metadata.json"], "abc");
}
TEST(SerializationTest, ExtraFileHooksNoSecret) {
// no secrets
std::stringstream ss;
{
Module m("__torch__.m");
ExtraFilesMap extra;
Reported by Cppcheck.
Line: 150
Column: 18
CWE codes:
126
Suggestion:
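The three-iterator form of std::equal is often discouraged by most C++ coding standards in favor of the safer alternatives provided since C++14. Consider using the form that also takes the end of the second range, so that the second iterator is checked before it can be read past its end. Note that the only call named equal in the excerpt below is the member function op.equal(c), not std::equal, so this name-based finding likely does not apply at this location and should be confirmed before any change is made.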
// Check if the sizes of the outputs (op and c) is same on the GPU and CPU
ASSERT_EQ(op.sizes(), c.sizes());
// Check if both the output tensors are equal
ASSERT_TRUE(op.equal(c));
}
} // namespace jit
} // namespace torch
Reported by FlawFinder.
caffe2/quantization/server/l2_minimization_example.cc
2 issues
Line: 20
Column: 40
CWE codes:
190
Suggestion:
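If the source is untrusted, check both the minimum and the maximum, even if the input had no minus sign (large numbers can roll over into a negative number; consider saving to an unsigned value if that is intended). atoi also gives the caller no way to detect a failed or out-of-range conversion, so a checked parser such as strtol is the safer choice for argv values.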
ifstream in(argv[1]);
ofstream out(argv[2]);
bool preserve_sparsity = argc >= 4 ? atoi(argv[3]) : false;
int precision = argc >= 5 ? atoi(argv[4]) : 8;
vector<tuple<int, string, int, string>> infos;
vector<Histogram> hists;
Reported by FlawFinder.
Line: 21
Column: 31
CWE codes:
190
Suggestion:
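If the source is untrusted, check both the minimum and the maximum, even if the input had no minus sign (large numbers can roll over into a negative number; consider saving to an unsigned value if that is intended). atoi also gives the caller no way to detect a failed or out-of-range conversion, so a checked parser such as strtol is the safer choice for argv values.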
ifstream in(argv[1]);
ofstream out(argv[2]);
bool preserve_sparsity = argc >= 4 ? atoi(argv[3]) : false;
int precision = argc >= 5 ? atoi(argv[4]) : 8;
vector<tuple<int, string, int, string>> infos;
vector<Histogram> hists;
string line;
Reported by FlawFinder.
test/cpp/api/dataloader.cpp
2 issues
Line: 2101
Column: 16
CWE codes:
126
Suggestion:
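The three-iterator form of std::equal is often discouraged by most C++ coding standards in favor of the safer alternatives provided since C++14. Consider using the form that also takes the end of the second range, so that the second iterator is checked before it can be read past its end. In the excerpt below, ASSERT_EQ(batch.size(), expected_result.size()) runs first; assuming it is GoogleTest's fatal assertion, the comparison is only reached when both ranges have the same length, so the change here is a hardening of style rather than a fix for a reachable over-read.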
ASSERT_EQ(batch.size(), expected_result.size());
ASSERT_TRUE(
std::equal(batch.begin(), batch.end(), expected_result.begin()));
initial_value += batch_size;
}
}
Reported by FlawFinder.
Line: 2240
Column: 16
CWE codes:
126
Suggestion:
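The three-iterator form of std::equal is often discouraged by most C++ coding standards in favor of the safer alternatives provided since C++14. Consider using the form that also takes the end of the second range, so that the second iterator is checked before it can be read past its end. In the excerpt below, ASSERT_EQ(result.size(), expected_result.size()) runs first; assuming it is GoogleTest's fatal assertion, the comparison is only reached when both ranges have the same length, so the change here is a hardening of style rather than a fix for a reachable over-read.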
ASSERT_EQ(result.size(), expected_result.size());
ASSERT_TRUE(
std::equal(result.begin(), result.end(), expected_result.begin()));
}
}
}
TEST(DataLoaderTest, CustomPreprocessPolicy) {
Reported by FlawFinder.