The following issues were found
chromium_src/chrome/browser/process_singleton_posix.cc
5 issues
Line: 430
Column: 7
CWE codes:
362
// Try taking an flock(2) on the file. Failure means the lock is taken so we
// should quit.
base::ScopedFD lock_fd(HANDLE_EINTR(
open(lock_path.value().c_str(), O_RDWR | O_CREAT | O_SYMLINK, 0644)));
if (!lock_fd.is_valid()) {
PLOG(ERROR) << "Could not open singleton lock";
return false;
}
Reported by FlawFinder.
Line: 517
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const int fd_ = -1;
// Store the message in this buffer.
char buf_[kMaxMessageLength];
// Tracks the number of bytes we've read in case we're getting partial
// reads.
size_t bytes_read_ = 0;
Reported by FlawFinder.
Line: 844
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Read ACK message from the other process. It might be blocked for a certain
// timeout, to make sure the other process has enough time to return ACK.
char buf[kMaxACKMessageLength + 1];
ssize_t len = ReadFromSocket(socket.fd(), buf, kMaxACKMessageLength, timeout);
// Failed to read ACK, the other process might have been frozen.
if (len <= 0) {
if (!kill_unresponsive || !KillProcessByLockPath())
Reported by FlawFinder.
Line: 204
Column: 31
CWE codes:
120
20
size_t bytes_read = 0;
do {
ssize_t rv = HANDLE_EINTR(read(fd, buf + bytes_read, bufsize - bytes_read));
if (rv < 0) {
if (errno != EAGAIN && errno != EWOULDBLOCK) {
PLOG(ERROR) << "read() failed";
return rv;
} else {
Reported by FlawFinder.
Line: 633
Column: 22
CWE codes:
120
20
DCHECK_CURRENTLY_ON(BrowserThread::IO);
while (bytes_read_ < sizeof(buf_)) {
ssize_t rv =
HANDLE_EINTR(read(fd_, buf_ + bytes_read_, sizeof(buf_) - bytes_read_));
if (rv < 0) {
if (errno != EAGAIN && errno != EWOULDBLOCK) {
PLOG(ERROR) << "read() failed";
CloseSocket(fd_);
return;
Reported by FlawFinder.
script/lib/npx.py
4 issues
Line: 1
Column: 1
import os
import subprocess
import sys
def npx(*npx_args):
npx_env = os.environ.copy()
npx_env['npm_config_yes'] = 'true'
call_args = [__get_executable_name()] + list(npx_args)
Reported by Pylint.
Line: 2
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import os
import subprocess
import sys
def npx(*npx_args):
npx_env = os.environ.copy()
npx_env['npm_config_yes'] = 'true'
call_args = [__get_executable_name()] + list(npx_args)
Reported by Bandit.
Line: 6
Column: 1
import sys
def npx(*npx_args):
npx_env = os.environ.copy()
npx_env['npm_config_yes'] = 'true'
call_args = [__get_executable_name()] + list(npx_args)
subprocess.check_call(call_args, env=npx_env)
Reported by Pylint.
Line: 10
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
npx_env = os.environ.copy()
npx_env['npm_config_yes'] = 'true'
call_args = [__get_executable_name()] + list(npx_args)
subprocess.check_call(call_args, env=npx_env)
def __get_executable_name():
executable = 'npx'
if sys.platform == 'win32':
Reported by Bandit.
script/lib/npm.py
4 issues
Line: 1
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import subprocess
import sys
def npm(*npm_args):
call_args = [__get_executable_name()] + list(npm_args)
subprocess.check_call(call_args)
Reported by Bandit.
Line: 1
Column: 1
import subprocess
import sys
def npm(*npm_args):
call_args = [__get_executable_name()] + list(npm_args)
subprocess.check_call(call_args)
Reported by Pylint.
Line: 5
Column: 1
import sys
def npm(*npm_args):
call_args = [__get_executable_name()] + list(npm_args)
subprocess.check_call(call_args)
def __get_executable_name():
Reported by Pylint.
Line: 7
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
def npm(*npm_args):
call_args = [__get_executable_name()] + list(npm_args)
subprocess.check_call(call_args)
def __get_executable_name():
executable = 'npm'
if sys.platform == 'win32':
Reported by Bandit.
shell/browser/browser_win.cc
4 issues
Line: 99
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!IsValidCustomProtocol(url_scheme))
return std::wstring();
wchar_t out_buffer[1024];
DWORD buffer_size = base::size(out_buffer);
HRESULT hr =
AssocQueryString(ASSOCF_IS_PROTOCOL, assoc_str, url_scheme.c_str(), NULL,
out_buffer, &buffer_size);
if (FAILED(hr)) {
Reported by FlawFinder.
Line: 238
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
if (res == ERROR_SUCCESS) {
DWORD type, size;
wchar_t startup_binary[12];
LONG result =
RegQueryValueEx(hkey, it->Name(), nullptr, &type,
reinterpret_cast<BYTE*>(&startup_binary),
&(size = sizeof(startup_binary)));
if (result == ERROR_SUCCESS) {
Reported by FlawFinder.
Line: 247
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (type == REG_BINARY) {
// any other binary other than this indicates that the program is
// not set to launch at login
wchar_t binary_accepted[12] = {0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00};
wchar_t binary_accepted_alt[12] = {0x02, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00};
Reported by FlawFinder.
Line: 250
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
wchar_t binary_accepted[12] = {0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00};
wchar_t binary_accepted_alt[12] = {0x02, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00};
std::string reg_binary(reinterpret_cast<char*>(binary_accepted));
std::string reg_binary_alt(
reinterpret_cast<char*>(binary_accepted_alt));
Reported by FlawFinder.
shell/browser/api/electron_api_url_loader.cc
3 issues
Line: 81
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
public:
explicit BufferDataSource(base::span<char> buffer) {
buffer_.resize(buffer.size());
memcpy(buffer_.data(), buffer.data(), buffer_.size());
}
~BufferDataSource() override = default;
private:
// mojo::DataPipeProducer::DataSource:
Reported by FlawFinder.
Line: 95
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t writable_size = buffer.size();
size_t copyable_size = std::min(readable_size, writable_size);
if (copyable_size > 0) {
memcpy(buffer.data(), &buffer_[offset], copyable_size);
}
result.bytes_read = copyable_size;
} else {
NOTREACHED();
result.result = MOJO_RESULT_OUT_OF_RANGE;
Reported by FlawFinder.
Line: 551
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
v8::HandleScope handle_scope(isolate);
auto array_buffer = v8::ArrayBuffer::New(isolate, string_piece.size());
auto backing_store = array_buffer->GetBackingStore();
memcpy(backing_store->Data(), string_piece.data(), string_piece.size());
Emit("data", array_buffer,
base::AdaptCallbackForRepeating(std::move(resume)));
}
void SimpleURLLoaderWrapper::OnComplete(bool success) {
Reported by FlawFinder.
shell/common/api/electron_api_asar.cc
3 issues
Line: 92
Column: 20
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
// Returns the path of file with symbol link resolved.
v8::Local<v8::Value> Realpath(v8::Isolate* isolate,
const base::FilePath& path) {
base::FilePath realpath;
if (!archive_ || !archive_->Realpath(path, &realpath))
return v8::False(isolate);
return gin::ConvertToV8(isolate, realpath);
}
Reported by FlawFinder.
Line: 93
Column: 49
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
v8::Local<v8::Value> Realpath(v8::Isolate* isolate,
const base::FilePath& path) {
base::FilePath realpath;
if (!archive_ || !archive_->Realpath(path, &realpath))
return v8::False(isolate);
return gin::ConvertToV8(isolate, realpath);
}
// Copy the file out into a temporary file and returns the new path.
Reported by FlawFinder.
Line: 95
Column: 38
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
base::FilePath realpath;
if (!archive_ || !archive_->Realpath(path, &realpath))
return v8::False(isolate);
return gin::ConvertToV8(isolate, realpath);
}
// Copy the file out into a temporary file and returns the new path.
v8::Local<v8::Value> CopyFileOut(v8::Isolate* isolate,
const base::FilePath& path) {
Reported by FlawFinder.
shell/browser/api/electron_api_app.cc
2 issues
Line: 1023
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
CFStringRef value = CFStringRef(
static_cast<CFTypeRef>(CFLocaleGetValue(locale, kCFLocaleCountryCode)));
const CFIndex kCStringSize = 128;
char temporaryCString[kCStringSize] = {0};
CFStringGetCString(value, temporaryCString, kCStringSize,
kCFStringEncodingUTF8);
region = temporaryCString;
#else
const char* locale_ptr = setlocale(LC_TIME, nullptr);
Reported by FlawFinder.
Line: 1016
Column: 35
CWE codes:
126
GetLocaleInfoEx(LOCALE_NAME_SYSTEM_DEFAULT, LOCALE_SISO3166CTRYNAME,
(LPWSTR)&locale_name,
sizeof(locale_name) / sizeof(WCHAR))) {
base::WideToUTF8(locale_name, wcslen(locale_name), ®ion);
}
#elif defined(OS_MAC)
CFLocaleRef locale = CFLocaleCopyCurrent();
CFStringRef value = CFStringRef(
static_cast<CFTypeRef>(CFLocaleGetValue(locale, kCFLocaleCountryCode)));
Reported by FlawFinder.
shell/browser/ui/win/jump_list.cc
2 issues
Line: 95
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
DCHECK(item);
item->type = JumpListItem::Type::kTask;
wchar_t path[MAX_PATH];
if (FAILED(shell_link->GetPath(path, base::size(path), nullptr, 0)))
return false;
item->path = base::FilePath(path);
Reported by FlawFinder.
Line: 124
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
item->icon_index = icon_index;
}
wchar_t item_desc[INFOTIPSIZE];
if (SUCCEEDED(shell_link->GetDescription(item_desc, base::size(item_desc))))
item->description = item_desc;
return true;
}
Reported by FlawFinder.
shell/common/platform_util_win.cc
2 issues
Line: 298
Column: 7
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
// found" even though the file is there. In these cases, ShellExecute()
// seems to work as a fallback (although it won't select the file).
if (hr == ERROR_FILE_NOT_FOUND) {
ShellExecute(NULL, L"open", dir.value().c_str(), NULL, NULL, SW_SHOW);
} else {
LOG(WARNING) << " " << __func__ << "(): Can't open full_path = \""
<< full_path.value() << "\""
<< " hr = " << logging::SystemErrorCodeToString(hr);
}
Reported by FlawFinder.
Line: 437
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
} // namespace internal
bool GetFolderPath(int key, base::FilePath* result) {
wchar_t system_buffer[MAX_PATH];
switch (key) {
case electron::DIR_RECENT:
if (FAILED(SHGetFolderPath(NULL, CSIDL_RECENT, NULL, SHGFP_TYPE_CURRENT,
system_buffer))) {
Reported by FlawFinder.
shell/browser/ui/file_dialog_win.cc
2 issues
Line: 207
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (FAILED(hr))
return false;
wchar_t file_name[MAX_PATH];
hr = GetFileNameFromShellItem(item, SIGDN_FILESYSPATH, file_name,
base::size(file_name));
if (FAILED(hr))
return false;
Reported by FlawFinder.
Line: 78
Column: 9
CWE codes:
126
HRESULT hRet = pShellItem->GetDisplayName(type, &lpstrName);
if (SUCCEEDED(hRet)) {
if (wcslen(lpstrName) < cchLength) {
wcscpy_s(lpstr, cchLength, lpstrName);
} else {
NOTREACHED();
hRet = DISP_E_BUFFERTOOSMALL;
}
Reported by FlawFinder.