The following issues were found
test/sql/updates/setup.v6.sql
1 issue
Line: 5
Column: 1
-- Please see the included NOTICE for copyright information and
-- LICENSE-APACHE for a copy of the license.
\ir setup.v2.sql
\ir setup.continuous_aggs.v2.sql
\ir setup.compression.sql
\ir setup.policies.sql
Reported by SQLint.
test/sql/updates/setup.v5.sql
1 issue
Line: 5
Column: 1
-- Please see the included NOTICE for copyright information and
-- LICENSE-APACHE for a copy of the license.
\ir setup.v4.sql
\ir setup.compression.sql
Reported by SQLint.
tsl/src/continuous_aggs/insert.c
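1 issue
Line: 207
Column: 18
CWE codes:
CWE-190 (Integer Overflow or Wraparound)
Suggestion:
If the source is untrusted, check both the minimum and the maximum, even if the input had no minus sign (large numbers can roll over into a negative number; consider saving to an unsigned value if that is intended). Note that atol() cannot report a malformed or out-of-range string, so a reliable range check needs strtol() with its end pointer and errno inspected before the result is used as the hypertable id.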
elog(ERROR, "must supply hypertable id");
hypertable_id_str = trigdata->tg_trigger->tgargs[0];
hypertable_id = atol(hypertable_id_str);
if (!CALLED_AS_TRIGGER(fcinfo))
elog(ERROR, "continuous agg trigger function must be called by trigger manager");
if (!TRIGGER_FIRED_AFTER(trigdata->tg_event) || !TRIGGER_FIRED_FOR_ROW(trigdata->tg_event))
elog(ERROR, "continuous agg trigger function must be called in per row after trigger");
Reported by FlawFinder.
tsl/src/data_node.c
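1 issue
Line: 396
Column: 20
CWE codes:
CWE-190 (Integer Overflow or Wraparound)
Suggestion:
If the source is untrusted, check both the minimum and the maximum, even if the input had no minus sign (large numbers can roll over into a negative number; consider saving to an unsigned value if that is intended). Here the string comes from a query result (PQgetvalue). atoi() returns 0 for non-numeric text and has undefined behaviour for out-of-range values, so a malformed reply cannot be told apart from a genuine 0; strtol() with end-pointer and errno checks makes the comparison against database->encoding reliable.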
Assert(PQnfields(res) > 2);
actual_encoding = atoi(PQgetvalue(res, 0, 0));
if (actual_encoding != database->encoding)
ereport(ERROR,
(errcode(ERRCODE_TS_DATA_NODE_INVALID_CONFIG),
errmsg("database exists but has wrong encoding"),
errdetail("Expected database encoding to be \"%s\" (%u) but it was \"%s\" (%u).",
Reported by FlawFinder.
tsl/src/dist_backup.c
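1 issue
Line: 72
Column: 18
CWE codes:
CWE-126 (Buffer Over-read)
Note: the report carries no suggestion for this finding. strlen() reads until it meets a NUL byte, so it over-reads only if name is not NUL-terminated; the excerpt does not show where name comes from, so confirm that before relying on the MAXFNAMELEN check that follows.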
if (SRF_IS_FIRSTCALL())
{
int name_len = strlen(name);
MemoryContext oldctx;
TupleDesc tupdesc;
char *sql;
if (name_len >= MAXFNAMELEN)
Reported by FlawFinder.
tsl/src/dist_util.c
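1 issue
Line: 184
Column: 2
CWE codes:
CWE-120 (Buffer Copy without Checking Size of Input)
Suggestion:
Make sure the destination can always hold the source data. For this call that means confirming id.data is at least UUID_LEN bytes and that uuid->data supplies UUID_LEN readable bytes; neither declaration is visible in the excerpt.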
ereport(ERROR,
(errcode(ERRCODE_TS_INTERNAL_ERROR), (errmsg("distributed peer ID already set"))));
memcpy(id.data, uuid->data, UUID_LEN);
peer_dist_id = &id;
}
bool
dist_util_is_frontend_session(void)
Reported by FlawFinder.
test/sql/updates/setup.v4.sql
1 issue
Line: 5
Column: 1
-- Please see the included NOTICE for copyright information and
-- LICENSE-APACHE for a copy of the license.
\ir setup.v3.sql
Reported by SQLint.
tsl/src/fdw/option.c
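1 issue
Line: 177
Column: 2
CWE codes:
CWE-120 (Buffer Copy without Checking Size of Input)
Suggestion:
Make sure the destination can always hold the source data. The copy length is sizeof(non_libpq_options), so the allocation behind timescaledb_fdw_options (not shown in this excerpt) must leave at least that many bytes available at the destination pointer.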
ereport(ERROR, (errcode(ERRCODE_FDW_OUT_OF_MEMORY), errmsg("out of memory")));
/* Append FDW-specific options and dummy terminator. */
memcpy(timescaledb_fdw_options, non_libpq_options, sizeof(non_libpq_options));
}
/*
* Check whether the given option is one of the valid timescaledb_fdw options.
* context is the Oid of the catalog holding the object the option is for.
Reported by FlawFinder.
tsl/src/fdw/scan_plan.c
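1 issue
Line: 147
CWE codes:
CWE-476 (NULL Pointer Dereference)
Note: no column or message was captured for this finding; check the Cppcheck output for line 147 to see which pointer it considers possibly NULL.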
else
{
Assert(IS_UPPER_REL(rel));
scan_path = create_upper_path(root,
rel,
NULL,
rows,
startup_cost,
total_cost,
Reported by Cppcheck.
tsl/src/hypertable.c
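1 issue
Line: 79
Column: 29
CWE codes:
CWE-190 (Integer Overflow or Wraparound)
Suggestion:
If the source is untrusted, check both the minimum and the maximum, even if the input had no minus sign (large numbers can roll over into a negative number; consider saving to an unsigned value if that is intended). The parsed value is taken from a query result (PQgetvalue) and appended to remote_ids; atoi() cannot signal a non-numeric or out-of-range string, so validate with strtol() and a 32-bit range check before passing the value to Int32GetDatum().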
Assert(PQnfields(res) == AttrNumberGetAttrOffset(_Anum_create_hypertable_max));
remote_ids =
lappend(remote_ids,
(void *) Int32GetDatum(atoi(
PQgetvalue(res, 0, AttrNumberGetAttrOffset(Anum_create_hypertable_id)))));
}
ts_dist_cmd_close_response(dist_res);
foreach (cell, commands->dimension_add_commands)
Reported by FlawFinder.