The following issues were found

src/third_party/boost/boost/multi_index/detail/iter_adaptor.hpp
8 issues
equal - Function does not check the second iterator for over-read conditions
Security

Line: 48 Column: 15 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

                }

  template<class Class>
  static bool equal(const Class& x,const Class& y)
  {
    return x.equal(y);
  }

  template<class Class>

            

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 50 Column: 14 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

                template<class Class>
  static bool equal(const Class& x,const Class& y)
  {
    return x.equal(y);
  }

  template<class Class>
  static void increment(Class& x)
  {

            

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 101 Column: 33 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

              
  friend bool operator==(const Derived& x,const Derived& y)
  {
    return iter_adaptor_access::equal(x,y);
  }

  Derived& operator++()
  {
    iter_adaptor_access::increment(final());

            

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 120 Column: 31 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

                const forward_iter_adaptor_base<Derived,Base>& x,
  const forward_iter_adaptor_base<Derived,Base>& y)
{
  return iter_adaptor_access::equal(
    static_cast<const Derived&>(x),static_cast<const Derived&>(y));
}

template<>
struct iter_adaptor_selector<std::forward_iterator_tag>

            

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 153 Column: 33 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

              
  friend bool operator==(const Derived& x,const Derived& y)
  {
    return iter_adaptor_access::equal(x,y);
  }

  Derived& operator++()
  {
    iter_adaptor_access::increment(final());

            

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 178 Column: 31 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

                const bidirectional_iter_adaptor_base<Derived,Base>& x,
  const bidirectional_iter_adaptor_base<Derived,Base>& y)
{
  return iter_adaptor_access::equal(
    static_cast<const Derived&>(x),static_cast<const Derived&>(y));
}

template<>
struct iter_adaptor_selector<std::bidirectional_iterator_tag>

            

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 212 Column: 33 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

              
  friend bool operator==(const Derived& x,const Derived& y)
  {
    return iter_adaptor_access::equal(x,y);
  }

  friend bool operator<(const Derived& x,const Derived& y)
  {
    return iter_adaptor_access::distance_to(x,y)>0;

            

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 259 Column: 31 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

                const random_access_iter_adaptor_base<Derived,Base>& x,
  const random_access_iter_adaptor_base<Derived,Base>& y)
{
  return iter_adaptor_access::equal(
    static_cast<const Derived&>(x),static_cast<const Derived&>(y));
}

template<class Derived,class Base>
bool operator<(

            

Reported by FlawFinder.

src/third_party/boost/boost/move/detail/type_traits.hpp
8 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 265 Column: 25 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                 template<typename Tt, typename Ut>
   class boost_move_tt_is_assignable
   {
      struct twochar {  char dummy[2]; };
      template < class T
               , class U
               , class = decltype(boost_move_tt_declval<T>() = boost_move_tt_declval<U>())
               > static char test(int);


            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 280 Column: 25 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                 template<typename Tt, typename Ut>
   class boost_move_tt_is_constructible
   {
      struct twochar {  char dummy[2]; };
      template < class T
               , class U
               , class = decltype(T(boost_move_tt_declval<U>()))
               > static char test(int);


            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 742 Column: 21 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              template <class T>
struct is_reference_convertible_to_pointer
{
   struct twochar { char dummy[2]; };
   template <class U> static char    test(U*);
   template <class U> static twochar test(...);
   static T& source();
   static const bool value = sizeof(char) == sizeof(test<T>(source()));
};

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 963 Column: 21 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              // https://connect.microsoft.com/VisualStudio/feedback/details/800328/std-is-copy-constructible-is-broken
#if defined(BOOST_MOVE_TT_CXX11_IS_COPY_ASSIGNABLE)
   typedef char yes_type;
   struct no_type { char dummy[2]; };
   
   template <class U>   static typename add_reference<U>::type source();
   template <class U>   static decltype(source<U&>() = source<const U&>(), yes_type() ) test(int);
   template <class>     static no_type test(...);


            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1168 Column: 13 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              {
   typedef aligned_struct<Align> aligner_t;
   aligner_t aligner;
   unsigned char data[Len > sizeof(aligner_t) ? Len : sizeof(aligner_t)];
};

template<std::size_t Len, std::size_t Align>
struct aligned_storage_impl
{

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1186 Column: 13 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              template<std::size_t Len>\
struct BOOST_ALIGNMENT(A) aligned_struct<Len, A>\
{\
   unsigned char data[Len];\
};\
//

//Up to 4K alignment (typical page size)
BOOST_MOVE_ALIGNED_STORAGE_WITH_BOOST_ALIGNMENT(0x1)

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1214 Column: 13 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              {
   typedef aligned_struct<Len, Align> aligner_t;
   aligned_struct<Len, Align> aligner;
   unsigned char data[Len > sizeof(aligner_t) ? Len : sizeof(aligner_t)];
};

template<std::size_t Len, std::size_t Align>
struct aligned_storage_impl
{

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1229 Column: 13 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              union aligned_union
{   
   T aligner;
   unsigned char data[Len > sizeof(T) ? Len : sizeof(T)];
};

template<std::size_t Len, std::size_t Align, class T, bool Ok>
struct aligned_next;


            

Reported by FlawFinder.

src/third_party/wiredtiger/test/suite/suite_random.py
8 issues
Module 'wttest' has no 'getRandomSeed' member
Error

Line: 60 Column: 28

                      w = self.seedw
        z = self.seedz
        if w == 0 or z == 0:
            seedw, seedz = wttest.getRandomSeed()
            self.seedw = int(seedw) & 0xffffffff
            self.seedz = int(seedz) & 0xffffffff

        self.seedz = (36969 * (z & 65535) + (z >> 16)) & 0xffffffff
        self.seedw = (18000 * (w & 65535) + (w >> 16)) & 0xffffffff

            

Reported by Pylint.

Missing module docstring
Error

Line: 1 Column: 1

              #!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled

            

Reported by Pylint.

Class name "suite_random" doesn't conform to PascalCase naming style
Error

Line: 33 Column: 1

              #    A quick and predictable pseudo random number generator.
import wttest

class suite_random:
    """
    Generate random 32 bit integers that are predictable,
    and use no global state.  We use the Multiply-with-carry
    method invented by George Marsaglia, because it is quick
    and easy to implement.

            

Reported by Pylint.

Variable name "w" doesn't conform to snake_case naming style
Error

Line: 57 Column: 9

                      """
        returns a random 32 bit integer
        """
        w = self.seedw
        z = self.seedz
        if w == 0 or z == 0:
            seedw, seedz = wttest.getRandomSeed()
            self.seedw = int(seedw) & 0xffffffff
            self.seedz = int(seedz) & 0xffffffff

            

Reported by Pylint.

Variable name "z" doesn't conform to snake_case naming style
Error

Line: 58 Column: 9

                      returns a random 32 bit integer
        """
        w = self.seedw
        z = self.seedz
        if w == 0 or z == 0:
            seedw, seedz = wttest.getRandomSeed()
            self.seedw = int(seedw) & 0xffffffff
            self.seedz = int(seedz) & 0xffffffff


            

Reported by Pylint.

Argument name "m" doesn't conform to snake_case naming style
Error

Line: 68 Column: 5

                      self.seedw = (18000 * (w & 65535) + (w >> 16)) & 0xffffffff
        return ((z << 16) + (w & 65535)) & 0xffffffff

    def rand_range(self, n, m):
        """
        returns a random integer in the range [N,M).
        """
        if m > 0xffffffff or n < 0:
            raise ValueError("rand32_range expects args between 0 , 2^32")

            

Reported by Pylint.

Argument name "n" doesn't conform to snake_case naming style
Error

Line: 68 Column: 5

                      self.seedw = (18000 * (w & 65535) + (w >> 16)) & 0xffffffff
        return ((z << 16) + (w & 65535)) & 0xffffffff

    def rand_range(self, n, m):
        """
        returns a random integer in the range [N,M).
        """
        if m > 0xffffffff or n < 0:
            raise ValueError("rand32_range expects args between 0 , 2^32")

            

Reported by Pylint.

Variable name "r" doesn't conform to snake_case naming style
Error

Line: 76 Column: 9

                          raise ValueError("rand32_range expects args between 0 , 2^32")
        if n >= m:
            raise ValueError("rand32_range(n,m) expects n < m")
        r = self.rand32()
        return (r % (m - n)) + n

    def rand_float(self):
        """
        returns a random floating point value between 0 and 1.0

            

Reported by Pylint.

src/mongo/bson/bson_validate_test.cpp
8 issues
syntax error
Error

Line: 56

                  bb->appendStr("asdf", /*withNUL*/ false);
}

TEST(BSONValidate, Basic) {
    BSONObj x;
    ASSERT_TRUE(x.valid());

    x = BSON("x" << 1);
    ASSERT_TRUE(x.valid());

            

Reported by Cppcheck.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 177 Column: 9 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

              
        // Copy the 'original' BSONObj to 'buffer'.
        unique_ptr<char[]> buffer(new char[original.objsize()]);
        memcpy(buffer.get(), original.objdata(), original.objsize());

        // Randomly flip bits in 'buffer', with probability determined by 'fuzzFrequency'. The
        // first four bytes, representing the size of the object, are excluded from bit
        // flipping.
        for (int32_t byteIdx = 4; byteIdx < original.objsize(); ++byteIdx) {

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 221 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              }

TEST(BSONValidateFast, Simple2) {
    char buf[64];
    for (int i = 1; i <= JSTypeMax; i++) {
        BSONObjBuilder b;
        sprintf(buf, "foo%d", i);
        b.appendMinForType(buf, i);
        sprintf(buf, "bar%d", i);

            

Reported by FlawFinder.

sprintf - Does not check for buffer overflows
Security

Line: 224 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

                  char buf[64];
    for (int i = 1; i <= JSTypeMax; i++) {
        BSONObjBuilder b;
        sprintf(buf, "foo%d", i);
        b.appendMinForType(buf, i);
        sprintf(buf, "bar%d", i);
        b.appendMaxForType(buf, i);
        BSONObj x = b.obj();
        ASSERT_OK(validateBSON(x.objdata(), x.objsize()));

            

Reported by FlawFinder.

sprintf - Does not check for buffer overflows
Security

Line: 226 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

                      BSONObjBuilder b;
        sprintf(buf, "foo%d", i);
        b.appendMinForType(buf, i);
        sprintf(buf, "bar%d", i);
        b.appendMaxForType(buf, i);
        BSONObj x = b.obj();
        ASSERT_OK(validateBSON(x.objdata(), x.objsize()));
    }
}

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 236 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
TEST(BSONValidateFast, Simple3) {
    BSONObjBuilder b;
    char buf[64];
    for (int i = 1; i <= JSTypeMax; i++) {
        sprintf(buf, "foo%d", i);
        b.appendMinForType(buf, i);
        sprintf(buf, "bar%d", i);
        b.appendMaxForType(buf, i);

            

Reported by FlawFinder.

sprintf - Does not check for buffer overflows
Security

Line: 238 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

                  BSONObjBuilder b;
    char buf[64];
    for (int i = 1; i <= JSTypeMax; i++) {
        sprintf(buf, "foo%d", i);
        b.appendMinForType(buf, i);
        sprintf(buf, "bar%d", i);
        b.appendMaxForType(buf, i);
    }
    BSONObj x = b.obj();

            

Reported by FlawFinder.

sprintf - Does not check for buffer overflows
Security

Line: 240 Column: 9 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf

                  for (int i = 1; i <= JSTypeMax; i++) {
        sprintf(buf, "foo%d", i);
        b.appendMinForType(buf, i);
        sprintf(buf, "bar%d", i);
        b.appendMaxForType(buf, i);
    }
    BSONObj x = b.obj();
    ASSERT_OK(validateBSON(x.objdata(), x.objsize()));
}

            

Reported by FlawFinder.

src/third_party/boost/boost/iostreams/detail/restrict_impl.hpp
8 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 146 Column: 13 CWE codes: 362

                  {
        using namespace std;
        if (!open_)
            open(src, BOOST_IOS::in);
        std::streamsize amt =
            end_ != -1 ?
                (std::min) (n, static_cast<std::streamsize>(end_ - pos_)) :
                n;
        std::streamsize result = 

            

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 162 Column: 13 CWE codes: 362

                  std::streamsize write(Sink& snk, const char_type* s, std::streamsize n)
    {
        if (!open_)
            open(snk, BOOST_IOS::out);
        if (end_ != -1 && pos_ + n >= end_) {
            if(pos_ < end_)
                pos_ += iostreams::write(this->component(),
                    snk, s, end_ - pos_);
            boost::throw_exception(bad_write());

            

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 213 Column: 10 CWE codes: 362

                  }
private:
    template<typename Device>
    void open(Device& dev, BOOST_IOS::openmode which)
    {
        typedef typename is_convertible<mode, dual_use>::type is_dual_use;
        open_ = true;
        which = is_dual_use() ? which : (BOOST_IOS::in | BOOST_IOS::out);
        iostreams::skip(this->component(), dev, beg_, which);

            

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 81 Column: 21 CWE codes: 120 20

                      { };
    restricted_indirect_device( param_type dev, stream_offset off,
                                stream_offset len = -1 );
    std::streamsize read(char_type* s, std::streamsize n);
    std::streamsize write(const char_type* s, std::streamsize n);
    std::streampos seek(stream_offset off, BOOST_IOS::seekdir way);
private:
    stream_offset beg_, pos_, end_;
};

            

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 142 Column: 21 CWE codes: 120 20

                                     stream_offset len = -1 );

    template<typename Source>
    std::streamsize read(Source& src, char_type* s, std::streamsize n)
    {
        using namespace std;
        if (!open_)
            open(src, BOOST_IOS::in);
        std::streamsize amt =

            

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 152 Column: 24 CWE codes: 120 20

                              (std::min) (n, static_cast<std::streamsize>(end_ - pos_)) :
                n;
        std::streamsize result = 
            iostreams::read(this->component(), src, s, amt);
        if (result != -1)
            pos_ += result;
        return result;
    }


            

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 261 Column: 60 CWE codes: 120 20

              }

template<typename Device>
inline std::streamsize restricted_indirect_device<Device>::read
    (char_type* s, std::streamsize n)
{
    using namespace std;
    std::streamsize amt =
        end_ != -1 ?

            

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 269 Column: 41 CWE codes: 120 20

                      end_ != -1 ?
            (std::min) (n, static_cast<std::streamsize>(end_ - pos_)) :
            n;
    std::streamsize result = iostreams::read(this->component(), s, amt);
    if (result != -1)
        pos_ += result;
    return result;
}


            

Reported by FlawFinder.

src/third_party/pcre-8.42/pcrecpp.cc
8 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 776 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

                    ((str[n] >= 'a') && (str[n] <= 'f')) ||
      ((str[n] >= 'A') && (str[n] <= 'F'))) {
    if (n > kMaxNumberLength) return ""; // Input too big to be a valid number
    memcpy(buf, str, n);
    buf[n] = '\0';
    return buf;
  } else {
    // We can parse right out of the supplied string, so return it.
    return str;

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 790 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                                         void* dest,
                           int radix) {
  if (n == 0) return false;
  char buf[kMaxNumberLength+1];
  str = TerminateNumber(buf, str, n);
  char* end;
  errno = 0;
  long r = strtol(str, &end, radix);
  if (end != str + n) return false;   // Leftover junk

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 807 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                                          void* dest,
                            int radix) {
  if (n == 0) return false;
  char buf[kMaxNumberLength+1];
  str = TerminateNumber(buf, str, n);
  if (str[0] == '-') return false;    // strtoul() on a negative number?!
  char* end;
  errno = 0;
  unsigned long r = strtoul(str, &end, radix);

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 876 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                return false;
#else
  if (n == 0) return false;
  char buf[kMaxNumberLength+1];
  str = TerminateNumber(buf, str, n);
  char* end;
  errno = 0;
#if defined HAVE_STRTOQ
  long long r = strtoq(str, &end, radix);

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 907 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                return false;
#else
  if (n == 0) return false;
  char buf[kMaxNumberLength+1];
  str = TerminateNumber(buf, str, n);
  if (str[0] == '-') return false;    // strtoull() on a negative number?!
  char* end;
  errno = 0;
#if defined HAVE_STRTOQ

            

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 934 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              bool Arg::parse_double(const char* str, int n, void* dest) {
  if (n == 0) return false;
  static const int kMaxLength = 200;
  char buf[kMaxLength];
  if (n >= kMaxLength) return false;
  memcpy(buf, str, n);
  buf[n] = '\0';
  errno = 0;
  char* end;

            

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 936 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

                static const int kMaxLength = 200;
  char buf[kMaxLength];
  if (n >= kMaxLength) return false;
  memcpy(buf, str, n);
  buf[n] = '\0';
  errno = 0;
  char* end;
  double r = strtod(buf, &end);
  if (end != buf + n) return false;   // Leftover junk

            

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 173 Column: 18 CWE codes: 126

                    for (;;) {   // Loop for any number of leading items

        for (kk = 0; start_options[kk][0] != 0; kk++) {
          klen = strlen(start_options[kk]);
          kmat = strncmp(pattern_.c_str(), start_options[kk], klen);
          if (kmat >= 0) break;
        }
        if (kmat != 0) break;  // Not found


            

Reported by FlawFinder.

src/third_party/wiredtiger/test/suite/test_empty.py
8 issues
Unable to import 'wiredtiger'
Error

Line: 30 Column: 1

              # OTHER DEALINGS IN THE SOFTWARE.

import os
import wiredtiger, wttest
from wtscenario import make_scenarios

# test_empty.py
#       Test that empty objects don't write anything other than a single sector.
class test_empty(wttest.WiredTigerTestCase):

            

Reported by Pylint.

Unused import wiredtiger
Error

Line: 30 Column: 1

              # OTHER DEALINGS IN THE SOFTWARE.

import os
import wiredtiger, wttest
from wtscenario import make_scenarios

# test_empty.py
#       Test that empty objects don't write anything other than a single sector.
class test_empty(wttest.WiredTigerTestCase):

            

Reported by Pylint.

Using deprecated method assertEquals()
Error

Line: 53 Column: 9

                      name = self.name
        if self.type == "table:":
            name = name + '.wt'
        self.assertEquals(os.stat(name).st_size, 4*1024)

if __name__ == '__main__':
    wttest.run()

            

Reported by Pylint.

Missing module docstring
Error

Line: 1 Column: 1

              #!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled

            

Reported by Pylint.

Multiple imports on one line (wiredtiger, wttest)
Error

Line: 30 Column: 1

              # OTHER DEALINGS IN THE SOFTWARE.

import os
import wiredtiger, wttest
from wtscenario import make_scenarios

# test_empty.py
#       Test that empty objects don't write anything other than a single sector.
class test_empty(wttest.WiredTigerTestCase):

            

Reported by Pylint.

Missing class docstring
Error

Line: 35 Column: 1

              
# test_empty.py
#       Test that empty objects don't write anything other than a single sector.
class test_empty(wttest.WiredTigerTestCase):
    name = 'test_empty'

    scenarios = make_scenarios([
        ('file-r', dict(type='file:', fmt='r')),
        ('file-S', dict(type='file:', fmt='S')),

            

Reported by Pylint.

Class name "test_empty" doesn't conform to PascalCase naming style
Error

Line: 35 Column: 1

              
# test_empty.py
#       Test that empty objects don't write anything other than a single sector.
class test_empty(wttest.WiredTigerTestCase):
    name = 'test_empty'

    scenarios = make_scenarios([
        ('file-r', dict(type='file:', fmt='r')),
        ('file-S', dict(type='file:', fmt='S')),

            

Reported by Pylint.

Missing function or method docstring
Error

Line: 46 Column: 5

                  ])

    # Creating an object and then closing it shouldn't write any blocks.
    def test_empty_create(self):
        uri = self.type + self.name
        self.session.create(uri, 'key_format=' + self.fmt + ',value_format=S')
        self.session.close()
        name = self.name
        if self.type == "table:":

            

Reported by Pylint.

src/third_party/wiredtiger/dist/s_function_loop.py
8 issues
Anomalous backslash in string: '\)'. String constant might be missing an r prefix.
Error

Line: 5 Column: 62

              # Each input line is the content of a C function.
import re, sys

p = re.compile('((for |while |_FOREACH|FOREACH_BEGIN)\([^{)]*\)|do) {')
for line in sys.stdin:
    matched = 0
    m = p.search(line)
    while m != None:
        matched = 1

            

Reported by Pylint.

Anomalous backslash in string: '\('. String constant might be missing an r prefix.
Error

Line: 5 Column: 54

              # Each input line is the content of a C function.
import re, sys

p = re.compile('((for |while |_FOREACH|FOREACH_BEGIN)\([^{)]*\)|do) {')
for line in sys.stdin:
    matched = 0
    m = p.search(line)
    while m != None:
        matched = 1

            

Reported by Pylint.

Missing module docstring
Error

Line: 1 Column: 1

              # Mark outer loop boundaries with {@ and }@ .  Nested loops are not marked.
# Each input line is the content of a C function.
import re, sys

p = re.compile('((for |while |_FOREACH|FOREACH_BEGIN)\([^{)]*\)|do) {')
for line in sys.stdin:
    matched = 0
    m = p.search(line)
    while m != None:

            

Reported by Pylint.

Multiple imports on one line (re, sys)
Error

Line: 3 Column: 1

              # Mark outer loop boundaries with {@ and }@ .  Nested loops are not marked.
# Each input line is the content of a C function.
import re, sys

p = re.compile('((for |while |_FOREACH|FOREACH_BEGIN)\([^{)]*\)|do) {')
for line in sys.stdin:
    matched = 0
    m = p.search(line)
    while m != None:

            

Reported by Pylint.

Constant name "matched" doesn't conform to UPPER_CASE naming style
Error

Line: 7 Column: 5

              
p = re.compile('((for |while |_FOREACH|FOREACH_BEGIN)\([^{)]*\)|do) {')
for line in sys.stdin:
    matched = 0
    m = p.search(line)
    while m != None:
        matched = 1
        pos = m.end()
        out = line[:pos] + "@"

            

Reported by Pylint.

Comparison 'm != None' should be 'm is not None'
Error

Line: 9 Column: 11

              for line in sys.stdin:
    matched = 0
    m = p.search(line)
    while m != None:
        matched = 1
        pos = m.end()
        out = line[:pos] + "@"
        level = 1
        length = len(line)

            

Reported by Pylint.

Constant name "matched" doesn't conform to UPPER_CASE naming style
Error

Line: 10 Column: 9

                  matched = 0
    m = p.search(line)
    while m != None:
        matched = 1
        pos = m.end()
        out = line[:pos] + "@"
        level = 1
        length = len(line)
        while level > 0 and pos < length:

            

Reported by Pylint.

Constant name "level" doesn't conform to UPPER_CASE naming style
Error

Line: 13 Column: 9

                      matched = 1
        pos = m.end()
        out = line[:pos] + "@"
        level = 1
        length = len(line)
        while level > 0 and pos < length:
            c = line[pos:pos+1]
            pos += 1
            out += c

            

Reported by Pylint.

src/third_party/wiredtiger/test/suite/test_empty_value.py
8 issues
Unable to import 'wiredtiger'
Error

Line: 32 Column: 1

              # test_empty_value.py
#       Smoke test empty row-store values.

from wiredtiger import stat
import wiredtiger, wttest

# Smoke test empty row-store values.
class test_row_store_empty_values(wttest.WiredTigerTestCase):
    conn_config = 'statistics=(all)'

            

Reported by Pylint.

Unable to import 'wiredtiger'
Error

Line: 33 Column: 1

              #       Smoke test empty row-store values.

from wiredtiger import stat
import wiredtiger, wttest

# Smoke test empty row-store values.
class test_row_store_empty_values(wttest.WiredTigerTestCase):
    conn_config = 'statistics=(all)'


            

Reported by Pylint.

Unused import wiredtiger
Error

Line: 33 Column: 1

              #       Smoke test empty row-store values.

from wiredtiger import stat
import wiredtiger, wttest

# Smoke test empty row-store values.
class test_row_store_empty_values(wttest.WiredTigerTestCase):
    conn_config = 'statistics=(all)'


            

Reported by Pylint.

Missing module docstring
Error

Line: 1 Column: 1

              #!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled

            

Reported by Pylint.

Multiple imports on one line (wiredtiger, wttest)
Error

Line: 33 Column: 1

              #       Smoke test empty row-store values.

from wiredtiger import stat
import wiredtiger, wttest

# Smoke test empty row-store values.
class test_row_store_empty_values(wttest.WiredTigerTestCase):
    conn_config = 'statistics=(all)'


            

Reported by Pylint.

Missing class docstring
Error

Line: 36 Column: 1

              import wiredtiger, wttest

# Smoke test empty row-store values.
class test_row_store_empty_values(wttest.WiredTigerTestCase):
    conn_config = 'statistics=(all)'

    # Smoke test empty row-store values.
    def test_row_store_empty_values(self):
        nentries = 25000

            

Reported by Pylint.

Class name "test_row_store_empty_values" doesn't conform to PascalCase naming style
Error

Line: 36 Column: 1

              import wiredtiger, wttest

# Smoke test empty row-store values.
class test_row_store_empty_values(wttest.WiredTigerTestCase):
    conn_config = 'statistics=(all)'

    # Smoke test empty row-store values.
    def test_row_store_empty_values(self):
        nentries = 25000

            

Reported by Pylint.

Missing function or method docstring
Error

Line: 40 Column: 5

                  conn_config = 'statistics=(all)'

    # Smoke test empty row-store values.
    def test_row_store_empty_values(self):
        nentries = 25000
        uri = 'file:test_empty_values'          # This is a btree layer test.

        # Create the object, open the cursor, insert some records with zero-length values.
        self.session.create(uri, 'key_format=S,value_format=u')

            

Reported by Pylint.

src/third_party/wiredtiger/test/py_install/testbase.py
8 issues
Unable to import 'wiredtiger'
Error

Line: 31 Column: 1

              
# A quick sanity test of an installation via 'pip install wiredtiger'.

import wiredtiger, shutil, os
from wiredtiger import wiredtiger_open, wiredtiger_version

wthome = "WTPY_TEST"
shutil.rmtree(wthome, ignore_errors=True)
os.mkdir(wthome)

            

Reported by Pylint.

Unable to import 'wiredtiger'
Error

Line: 32 Column: 1

              # A quick sanity test of an installation via 'pip install wiredtiger'.

import wiredtiger, shutil, os
from wiredtiger import wiredtiger_open, wiredtiger_version

wthome = "WTPY_TEST"
shutil.rmtree(wthome, ignore_errors=True)
os.mkdir(wthome)
conn = wiredtiger_open(wthome, "create")

            

Reported by Pylint.

Unused import wiredtiger
Error

Line: 31 Column: 1

              
# A quick sanity test of an installation via 'pip install wiredtiger'.

import wiredtiger, shutil, os
from wiredtiger import wiredtiger_open, wiredtiger_version

wthome = "WTPY_TEST"
shutil.rmtree(wthome, ignore_errors=True)
os.mkdir(wthome)

            

Reported by Pylint.

Missing module docstring
Error

Line: 1 Column: 1

              #!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled

            

Reported by Pylint.

standard import "import wiredtiger, shutil, os" should be placed before "import wiredtiger, shutil, os"
Error

Line: 31 Column: 1

              
# A quick sanity test of an installation via 'pip install wiredtiger'.

import wiredtiger, shutil, os
from wiredtiger import wiredtiger_open, wiredtiger_version

wthome = "WTPY_TEST"
shutil.rmtree(wthome, ignore_errors=True)
os.mkdir(wthome)

            

Reported by Pylint.

Multiple imports on one line (wiredtiger, shutil, os)
Error

Line: 31 Column: 1

              
# A quick sanity test of an installation via 'pip install wiredtiger'.

import wiredtiger, shutil, os
from wiredtiger import wiredtiger_open, wiredtiger_version

wthome = "WTPY_TEST"
shutil.rmtree(wthome, ignore_errors=True)
os.mkdir(wthome)

            

Reported by Pylint.

standard import "import wiredtiger, shutil, os" should be placed before "import wiredtiger, shutil, os"
Error

Line: 31 Column: 1

              
# A quick sanity test of an installation via 'pip install wiredtiger'.

import wiredtiger, shutil, os
from wiredtiger import wiredtiger_open, wiredtiger_version

wthome = "WTPY_TEST"
shutil.rmtree(wthome, ignore_errors=True)
os.mkdir(wthome)

            

Reported by Pylint.

Constant name "wthome" doesn't conform to UPPER_CASE naming style
Error

Line: 34 Column: 1

              import wiredtiger, shutil, os
from wiredtiger import wiredtiger_open, wiredtiger_version

wthome = "WTPY_TEST"
shutil.rmtree(wthome, ignore_errors=True)
os.mkdir(wthome)
conn = wiredtiger_open(wthome, "create")
session = conn.open_session()
session.create('table:foo', 'key_format=S,value_format=i')

            

Reported by Pylint.