The following issues were found

torch/csrc/deploy/deploy.cpp
2 issues
There is an unknown macro here somewhere. Configuration is required. If TORCH_DEPLOY_TRY is a macro then please configure it.
Error

Line: 97

}

Package InterpreterManager::load_package(const std::string& uri) {
  TORCH_DEPLOY_TRY
  return Package(uri, this);
  TORCH_DEPLOY_SAFE_CATCH_RETHROW
}

Package InterpreterManager::load_package(

            

Reported by Cppcheck.

mkstemp - Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library
Security

Line: 191 Column: 12 CWE codes: 377

    : handle_(nullptr), manager_(manager) {
  // NOLINTNEXTLINE(modernize-avoid-c-arrays,cppcoreguidelines-avoid-c-arrays)
  char library_name[] = "/tmp/torch_deployXXXXXX";
  int fd = mkstemp(library_name);
  TORCH_INTERNAL_ASSERT(fd != -1, "failed to create temporary file");
  library_name_ = library_name;
  FILE* dst = fdopen(fd, "wb");

  custom_loader_ = writeDeployInterpreter(dst);

            

Reported by FlawFinder.

torch/csrc/cuda/Event.cpp
2 issues
There is an unknown macro here somewhere. Configuration is required. If HANDLE_TH_ERRORS is a macro then please configure it.
Error

Line: 93

}

static PyObject * THCPEvent_get_cuda_event(THCPEvent *self, void *unused) {
  HANDLE_TH_ERRORS
  return PyLong_FromVoidPtr(self->cuda_event.event());
  END_HANDLE_TH_ERRORS
}

static PyObject * THCPEvent_get_device(THCPEvent *self, void *unused) {

            

Reported by Cppcheck.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 80 Column: 8 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              
  // NOLINTNEXTLINE(cppcoreguidelines-init-variables)
  cudaIpcEventHandle_t handle;
  std::memcpy(&handle, handle_string.c_str(), handle_string.size());
  new (&self->cuda_event) at::cuda::CUDAEvent(device.index(), &handle);

  return (PyObject *)ptr.release();
  END_HANDLE_TH_ERRORS
}

            

Reported by FlawFinder.

torch/csrc/autograd/python_variable.cpp
2 issues
There is an unknown macro here somewhere. Configuration is required. If HANDLE_TH_ERRORS is a macro then please configure it.
Error

Line: 675

PyObject *THPVariable_get_name(THPVariable* self, void *unused)
{
  if (check_has_torch_function((PyObject *)self)) {
    HANDLE_TH_ERRORS
    return handle_torch_function_getter(self, "name");
    END_HANDLE_TH_ERRORS
  }
  const auto& tensor = THPVariable_Unpack(self);
  if (tensor.name() == "")

            

Reported by Cppcheck.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 1497 Column: 58 CWE codes: 126

  // Make me some null terminated strings
  std::string ns_str = qualified_name.substr(0, pos);
  const char* ns = ns_str.c_str();
  const char* func_name = qualified_name.c_str() + pos + strlen("::");

  // The plan: convert all the arguments back into PyObjects,
  // extracting out the tensor handles, then call
  // handle_torch_function_no_python_arg_parser
  // NB: at the point arguments are pushed to the stack, ALL defaults

            

Reported by FlawFinder.

test/package/package_b/subpackage_0/__init__.py
2 issues
Constant name "result" doesn't conform to UPPER_CASE naming style
Error

Line: 1 Column: 1

result = "subpackage_0"

            

Reported by Pylint.

Missing module docstring
Error

Line: 1 Column: 1

result = "subpackage_0"

            

Reported by Pylint.

tools/code_coverage/oss_coverage.py
2 issues
Missing module docstring
Error

Line: 1 Column: 1

#!/usr/bin/env python3
import time

from package.oss.cov_json import get_json_report
from package.oss.init import initialization
from package.tool.summarize_jsons import summarize_jsons
from package.util.setting import TestPlatform
from package.util.utils import print_time


            

Reported by Pylint.

Missing function or method docstring
Error

Line: 11 Column: 1

from package.util.utils import print_time


def report_coverage() -> None:
    start_time = time.time()
    (options, test_list, interested_folders) = initialization()
    # run cpp tests
    get_json_report(test_list, options)
    # collect coverage data from json profiles

            

Reported by Pylint.

torch/csrc/api/src/optim/adamw.cpp
2 issues
equal - Function does not check the second iterator for over-read conditions
Security

Line: 54 Column: 18 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

              
bool operator==(const AdamWParamState& lhs, const AdamWParamState& rhs) {
  return (lhs.step() == rhs.step()) &&
          torch::equal(lhs.exp_avg(), rhs.exp_avg()) &&
          torch::equal(lhs.exp_avg_sq(), rhs.exp_avg_sq()) &&
          torch::equal_if_defined(lhs.max_exp_avg_sq(), rhs.max_exp_avg_sq());
}

void AdamWParamState::serialize(torch::serialize::OutputArchive& archive) const {

            

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 55 Column: 18 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

bool operator==(const AdamWParamState& lhs, const AdamWParamState& rhs) {
  return (lhs.step() == rhs.step()) &&
          torch::equal(lhs.exp_avg(), rhs.exp_avg()) &&
          torch::equal(lhs.exp_avg_sq(), rhs.exp_avg_sq()) &&
          torch::equal_if_defined(lhs.max_exp_avg_sq(), rhs.max_exp_avg_sq());
}

void AdamWParamState::serialize(torch::serialize::OutputArchive& archive) const {
  _TORCH_OPTIM_SERIALIZE_TORCH_ARG(step);

            

Reported by FlawFinder.

torch/csrc/api/src/optim/adam.cpp
2 issues
equal - Function does not check the second iterator for over-read conditions
Security

Line: 54 Column: 18 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

              
bool operator==(const AdamParamState& lhs, const AdamParamState& rhs) {
  return (lhs.step() == rhs.step()) &&
          torch::equal(lhs.exp_avg(), rhs.exp_avg()) &&
          torch::equal(lhs.exp_avg_sq(), rhs.exp_avg_sq()) &&
          torch::equal_if_defined(lhs.max_exp_avg_sq(), rhs.max_exp_avg_sq());
}

void AdamParamState::serialize(torch::serialize::OutputArchive& archive) const {

            

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 55 Column: 18 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

bool operator==(const AdamParamState& lhs, const AdamParamState& rhs) {
  return (lhs.step() == rhs.step()) &&
          torch::equal(lhs.exp_avg(), rhs.exp_avg()) &&
          torch::equal(lhs.exp_avg_sq(), rhs.exp_avg_sq()) &&
          torch::equal_if_defined(lhs.max_exp_avg_sq(), rhs.max_exp_avg_sq());
}

void AdamParamState::serialize(torch::serialize::OutputArchive& archive) const {
  _TORCH_OPTIM_SERIALIZE_TORCH_ARG(step);

            

Reported by FlawFinder.

torch/csrc/api/src/data/samplers/random.cpp
2 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 58 Column: 11 CWE codes: 120 20

              
void RandomSampler::load(serialize::InputArchive& archive) {
  auto tensor = torch::empty(1, torch::kInt64);
  archive.read(
      "index",
      tensor,
      /*is_buffer=*/true);
  index_ = tensor.item<int64_t>();
  archive.read(

            

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 63 Column: 11 CWE codes: 120 20

      tensor,
      /*is_buffer=*/true);
  index_ = tensor.item<int64_t>();
  archive.read(
      "indices",
      indices_,
      /*is_buffer=*/true);
}


            

Reported by FlawFinder.

test/package/module_a.py
2 issues
Missing module docstring
Error

Line: 1 Column: 1

result = "module_a"

            

Reported by Pylint.

Constant name "result" doesn't conform to UPPER_CASE naming style
Error

Line: 1 Column: 1

result = "module_a"

            

Reported by Pylint.

torch/csrc/Module.cpp
2 issues
There is an unknown macro here somewhere. Configuration is required. If HANDLE_TH_ERRORS is a macro then please configure it.
Error

Line: 343

              
static PyObject *THPModule_showConfig(PyObject *module, PyObject *noargs)
{
  HANDLE_TH_ERRORS
  return THPUtils_packString(at::show_config());
  END_HANDLE_TH_ERRORS
}

static PyObject *THPModule_cxxFlags(PyObject *module, PyObject *noargs)

            

Reported by Cppcheck.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 164 Column: 12 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

  THPUtils_assert(THPUtils_checkLong(arg), "crash_if_csrc_asan expects an int, "
          "but got %s", THPUtils_typename(arg));
  //NOLINTNEXTLINE(cppcoreguidelines-avoid-c-arrays, modernize-avoid-c-arrays)
  volatile char x[3];
  x[THPUtils_unpackInt(arg)] = 0;
  //NOLINTNEXTLINE(clang-analyzer-core.CallAndMessage)
  return THPUtils_packInt32(x[0]);
}


            

Reported by FlawFinder.